| From 5473aeef7875e54bd0f786fbdd259a35aaee875c Mon Sep 17 00:00:00 2001 |
| From: Changqing Li <changqing.li@windriver.com> |
| Date: Wed, 10 Oct 2018 08:59:30 +0800 |
| Subject: [PATCH] libsndfile1: patch for CVE-2018-13139 |
| |
| Upstream-Status: Backport [https://github.com/bwarden/libsndfile/ |
| commit/df18323c622b54221ee7ace74b177cdcccc152d7] |
| |
| CVE: CVE-2018-13139 |
| |
| Signed-off-by: Changqing Li <changqing.li@windriver.com> |
| --- |
| programs/sndfile-deinterleave.c | 6 ++++++ |
| 1 file changed, 6 insertions(+) |
| |
| diff --git a/programs/sndfile-deinterleave.c b/programs/sndfile-deinterleave.c |
| index e27593e..721bee7 100644 |
| --- a/programs/sndfile-deinterleave.c |
| +++ b/programs/sndfile-deinterleave.c |
| @@ -89,6 +89,12 @@ main (int argc, char **argv) |
| exit (1) ; |
| } ; |
| |
| + if (sfinfo.channels > MAX_CHANNELS) |
| + { printf ("\nError : Input file '%s' has too many (%d) channels. Limit is %d.\n", |
| + argv [1], sfinfo.channels, MAX_CHANNELS) ; |
| + exit (1) ; |
| + } ; |
| + |
| state.channels = sfinfo.channels ; |
| sfinfo.channels = 1 ; |
| |
| -- |
| 2.7.4 |
| |