Projects
home:Eustace:branches:Eulaceura:Factory
sox
_service:obs_scm:CVE-2021-3643.patch
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:obs_scm:CVE-2021-3643.patch of Package sox
From: Helmut Grohne <helmut@subdivi.de> Date: Sat, 11 Nov 2023 18:18:40 +0100 Subject: voc: word width should never be 0 to avoid division by zero Bug: https://sourceforge.net/p/sox/bugs/351/ Bug-Debian: https://bugs.debian.org/1010374 This patch fixes both CVE-2021-3643 and CVE-2021-23210. --- src/voc.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/voc.c b/src/voc.c index f026178..f44933d 100644 --- a/src/voc.c +++ b/src/voc.c @@ -614,6 +614,10 @@ static int getblock(sox_format_t * ft) v->rate = new_rate_32; ft->signal.rate = new_rate_32; lsx_readb(ft, &uc); + if (uc <= 1) { + lsx_fail_errno(ft, SOX_EFMT, "2 bits per word required"); + return (SOX_EOF); + } v->size = uc; lsx_readb(ft, &(v->channels)); lsx_readw(ft, &(v->format)); /* ANN: added format */
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2