| Brad Bishop | 220d553 | 2018-08-14 00:59:39 +0100 | [diff] [blame] | 1 | From 112d3bd0aaacad51305e1464d4b381dabad0e88b Mon Sep 17 00:00:00 2001 |
| 2 | From: Thomas Daede <daede003@umn.edu> |
| 3 | Date: Thu, 17 May 2018 16:19:19 -0700 |
| 4 | Subject: [PATCH] Sanity check number of channels in setup. |
| 5 | |
| 6 | Fixes #2335. |
| Brad Bishop | 220d553 | 2018-08-14 00:59:39 +0100 | [diff] [blame] | 7 | |
| Brad Bishop | 220d553 | 2018-08-14 00:59:39 +0100 | [diff] [blame] | 8 | --- |
| Brad Bishop | 1a4b7ee | 2018-12-16 17:11:34 -0800 | [diff] [blame] | 9 | CVE: CVE-2018-10392 |
| 10 | |
| 11 | Upstream-Status: Backport [gitlab.com/Xiph.Org/Vorbis/Commits/112d3bd...] |
| 12 | |
| 13 | Signed-off-by: Joe Slater <joe.slater@windriver.com> |
| 14 | --- |
| 15 | |
| 16 | lib/vorbisenc.c | 1 + |
| Brad Bishop | 220d553 | 2018-08-14 00:59:39 +0100 | [diff] [blame] | 17 | 1 file changed, 1 insertion(+) |
| 18 | |
| Brad Bishop | 1a4b7ee | 2018-12-16 17:11:34 -0800 | [diff] [blame] | 19 | |
| Brad Bishop | 220d553 | 2018-08-14 00:59:39 +0100 | [diff] [blame] | 20 | diff --git a/lib/vorbisenc.c b/lib/vorbisenc.c |
| 21 | index 4fc7b62..64a51b5 100644 |
| 22 | --- a/lib/vorbisenc.c |
| 23 | +++ b/lib/vorbisenc.c |
| 24 | @@ -684,6 +684,7 @@ int vorbis_encode_setup_init(vorbis_info *vi){ |
| 25 | highlevel_encode_setup *hi=&ci->hi; |
| 26 | |
| 27 | if(ci==NULL)return(OV_EINVAL); |
| 28 | + if(vi->channels<1||vi->channels>255)return(OV_EINVAL); |
| 29 | if(!hi->impulse_block_p)i0=1; |
| 30 | |
| 31 | /* too low/high an ATH floater is nonsensical, but doesn't break anything */ |
| 32 | -- |
| Brad Bishop | 1a4b7ee | 2018-12-16 17:11:34 -0800 | [diff] [blame] | 33 | 1.7.9.5 |
| Brad Bishop | 220d553 | 2018-08-14 00:59:39 +0100 | [diff] [blame] | 34 | |