Changeset View
Changeset View
Standalone View
Standalone View
audio/libsndfile/files/patch-CVE-2017-6892
- This file was added.
Property | Old Value | New Value |
---|---|---|
fbsd:nokeywords | null | yes \ No newline at end of property |
svn:eol-style | null | native \ No newline at end of property |
svn:mime-type | null | text/plain \ No newline at end of property |
From f833c53cb596e9e1792949f762e0b33661822748 Mon Sep 17 00:00:00 2001 | |||||
From: Erik de Castro Lopo <erikd@mega-nerd.com> | |||||
Date: Tue, 23 May 2017 20:15:24 +1000 | |||||
Subject: [PATCH] src/aiff.c: Fix a buffer read overflow | |||||
Secunia Advisory SA76717. | |||||
Found by: Laurent Delosieres, Secunia Research at Flexera Software | |||||
--- src/aiff.c.orig 2017-04-01 07:18:02 UTC | |||||
+++ src/aiff.c | |||||
@@ -1905,7 +1905,7 @@ aiff_read_chanmap (SF_PRIVATE * psf, unsigned dword) | |||||
psf_binheader_readf (psf, "j", dword - bytesread) ; | |||||
if (map_info->channel_map != NULL) | |||||
- { size_t chanmap_size = psf->sf.channels * sizeof (psf->channel_map [0]) ; | |||||
+ { size_t chanmap_size = SF_MIN (psf->sf.channels, layout_tag & 0xffff) * sizeof (psf->channel_map [0]) ; | |||||
free (psf->channel_map) ; | |||||