pool/libsndfile
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
libsndfile/libsndfile-fix-header-read-CVE-2015-7805.patch

20 lines
711 B
Diff
Raw Normal View History

Accepting request 342561 from home:tiwai:branches:multimedia:libs - VUL-0: libsndfile 1.0.25 heap overflow (CVE-2015-7805, bsc#953516) libsndfile-src-common.c-Fix-a-header-parsing-bug.patch libsndfile-fix-header-read-CVE-2015-7805.patch - VUL-0: libsndfile 1.0.25 heap overflow (CVE-2015-8075, bsc#953519) libsndfile-psf_strlcpy_crlf-fix-CVE-2015-8075.patch - Fix the build with SLE11-SP3 due to AM_SILENT_RULE macro OBS-URL: https://build.opensuse.org/request/show/342561 OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/libsndfile?expand=0&rev=48
2015-11-05 13:58:36 +00:00
---
src/common.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
--- a/src/common.c
+++ b/src/common.c
@@ -800,9 +800,10 @@ header_read (SF_PRIVATE *psf, void *ptr,
if (psf->headindex + bytes > SIGNED_SIZEOF (psf->header))
{ int most ;
- most = SIGNED_SIZEOF (psf->header) - psf->headindex ;
+ most = SIGNED_SIZEOF (psf->header) - psf->headend ;
psf_fread (psf->header + psf->headend, 1, most, psf) ;
- memcpy (ptr, psf->header + psf->headend, most) ;
+ most = SIGNED_SIZEOF (psf->header) - psf->headindex ;
+ memcpy (ptr, psf->header + psf->headindex, most) ;
psf->headend = psf->headindex += most ;
psf_fread ((char *) ptr + most, bytes - most, 1, psf) ;
return bytes ;
Reference in New Issue Copy Permalink