summaryrefslogtreecommitdiff
path: root/user/sox/CVE-2017-15370.patch
diff options
context:
space:
mode:
Diffstat (limited to 'user/sox/CVE-2017-15370.patch')
-rw-r--r--user/sox/CVE-2017-15370.patch28
1 files changed, 0 insertions, 28 deletions
diff --git a/user/sox/CVE-2017-15370.patch b/user/sox/CVE-2017-15370.patch
deleted file mode 100644
index 9e6a7f7ee..000000000
--- a/user/sox/CVE-2017-15370.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From e076a7ad504add6e8c3b8699e8587eef0e0d9bc3 Mon Sep 17 00:00:00 2001
-From: Mans Rullgard <mans@mansr.com>
-Date: Sun, 5 Nov 2017 16:21:23 +0000
-Subject: [PATCH] wav: ima_adpcm: fix buffer overflow on corrupt input
- (CVE-2017-15370)
-
-Add the same check bad block size as was done for MS adpcm in commit
-f39c574b ("More checks for invalid MS ADPCM blocks").
----
- src/wav.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/wav.c b/src/wav.c
-index eca1cde5..fad334cf 100644
---- a/src/wav.c
-+++ b/src/wav.c
-@@ -127,7 +127,7 @@ static unsigned short ImaAdpcmReadBlock(sox_format_t * ft)
- /* work with partial blocks. Specs say it should be null */
- /* padded but I guess this is better than trailing quiet. */
- samplesThisBlock = lsx_ima_samples_in((size_t)0, (size_t)ft->signal.channels, bytesRead, (size_t) 0);
-- if (samplesThisBlock == 0)
-+ if (samplesThisBlock == 0 || samplesThisBlock > wav->samplesPerBlock)
- {
- lsx_warn("Premature EOF on .wav input file");
- return 0;
---
-2.25.0
-