From 451e5cf47f3a45ebf46cad0940f07ef05324f4c5 Mon Sep 17 00:00:00 2001 From: Zach van Rijn Date: Fri, 11 Nov 2022 14:15:59 -0600 Subject: user/audiofile: multiple CVE patches. fixes #124. --- .../CVE-2017-6827,6828,6832,6833,6835,6837.patch | 34 ++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 user/audiofile/CVE-2017-6827,6828,6832,6833,6835,6837.patch (limited to 'user/audiofile/CVE-2017-6827,6828,6832,6833,6835,6837.patch') diff --git a/user/audiofile/CVE-2017-6827,6828,6832,6833,6835,6837.patch b/user/audiofile/CVE-2017-6827,6828,6832,6833,6835,6837.patch new file mode 100644 index 000000000..0465a1f59 --- /dev/null +++ b/user/audiofile/CVE-2017-6827,6828,6832,6833,6835,6837.patch @@ -0,0 +1,34 @@ +From c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0 Mon Sep 17 00:00:00 2001 +From: Antonio Larrosa +Date: Mon, 6 Mar 2017 12:51:22 +0100 +Subject: [PATCH 1/3] Always check the number of coefficients + +When building the library with NDEBUG, asserts are eliminated +so it's better to always check that the number of coefficients +is inside the array range. + +This fixes the 00191-audiofile-indexoob issue in #41 +--- + libaudiofile/WAVE.cpp | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/libaudiofile/WAVE.cpp b/libaudiofile/WAVE.cpp +index 0e81cf7..61f9541 100644 +--- a/libaudiofile/WAVE.cpp ++++ b/libaudiofile/WAVE.cpp +@@ -281,6 +281,12 @@ status WAVEFile::parseFormat(const Tag &id, uint32_t size) + + /* numCoefficients should be at least 7. */ + assert(numCoefficients >= 7 && numCoefficients <= 255); ++ if (numCoefficients < 7 || numCoefficients > 255) ++ { ++ _af_error(AF_BAD_HEADER, ++ "Bad number of coefficients"); ++ return AF_FAIL; ++ } + + m_msadpcmNumCoefficients = numCoefficients; + +-- +2.36.1 + -- cgit v1.2.3-70-g09d2