Projects
Mega:24.03
audiofile
_service:tar_scm:backport-CVE-2017-6828.patch
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm:backport-CVE-2017-6828.patch of Package audiofile
From c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0 Mon Sep 17 00:00:00 2001 From: Antonio Larrosa <larrosa@kde.org> Date: Mon, 6 Mar 2017 12:51:22 +0100 Subject: [PATCH] Always check the number of coefficients When building the library with NDEBUG, asserts are eliminated so it's better to always check that the number of coefficients is inside the array range. This fixes the 00191-audiofile-indexoob issue in #41 --- libaudiofile/WAVE.cpp | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/libaudiofile/WAVE.cpp b/libaudiofile/WAVE.cpp index 0e81cf7..61f9541 100644 --- a/libaudiofile/WAVE.cpp +++ b/libaudiofile/WAVE.cpp @@ -281,6 +281,12 @@ status WAVEFile::parseFormat(const Tag &id, uint32_t size) /* numCoefficients should be at least 7. */ assert(numCoefficients >= 7 && numCoefficients <= 255); + if (numCoefficients < 7 || numCoefficients > 255) + { + _af_error(AF_BAD_HEADER, + "Bad number of coefficients"); + return AF_FAIL; + } m_msadpcmNumCoefficients = numCoefficients;
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2