diff options
Diffstat (limited to 'user/sox/CVE-2017-15370.patch')
| -rw-r--r-- | user/sox/CVE-2017-15370.patch | 28 |
1 files changed, 0 insertions, 28 deletions
diff --git a/user/sox/CVE-2017-15370.patch b/user/sox/CVE-2017-15370.patch deleted file mode 100644 index 9e6a7f7ee..000000000 --- a/user/sox/CVE-2017-15370.patch +++ /dev/null @@ -1,28 +0,0 @@ -From e076a7ad504add6e8c3b8699e8587eef0e0d9bc3 Mon Sep 17 00:00:00 2001 -From: Mans Rullgard <mans@mansr.com> -Date: Sun, 5 Nov 2017 16:21:23 +0000 -Subject: [PATCH] wav: ima_adpcm: fix buffer overflow on corrupt input - (CVE-2017-15370) - -Add the same check bad block size as was done for MS adpcm in commit -f39c574b ("More checks for invalid MS ADPCM blocks"). ---- - src/wav.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/wav.c b/src/wav.c -index eca1cde5..fad334cf 100644 ---- a/src/wav.c -+++ b/src/wav.c -@@ -127,7 +127,7 @@ static unsigned short ImaAdpcmReadBlock(sox_format_t * ft) - /* work with partial blocks. Specs say it should be null */ - /* padded but I guess this is better than trailing quiet. */ - samplesThisBlock = lsx_ima_samples_in((size_t)0, (size_t)ft->signal.channels, bytesRead, (size_t) 0); -- if (samplesThisBlock == 0) -+ if (samplesThisBlock == 0 || samplesThisBlock > wav->samplesPerBlock) - { - lsx_warn("Premature EOF on .wav input file"); - return 0; --- -2.25.0 - |