Takashi Iwai
2c538a18aa
- Fix buffer overflow in sndfile-deinterlace, which isn't really a security issue (bsc#1100167, CVE-2018-13139): sndfile-deinterlace-channels-check.patch OBS-URL: https://build.opensuse.org/request/show/621327 OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/libsndfile?expand=0&rev=68
17 lines
484 B
Diff
17 lines
484 B
Diff
diff --git a/programs/sndfile-deinterleave.c b/programs/sndfile-deinterleave.c
|
|
index 5366031075ab..712cb96cda76 100644
|
|
--- a/programs/sndfile-deinterleave.c
|
|
+++ b/programs/sndfile-deinterleave.c
|
|
@@ -89,6 +89,11 @@ main (int argc, char **argv)
|
|
exit (1) ;
|
|
} ;
|
|
|
|
+ if (sfinfo.channels > MAX_CHANNELS)
|
|
+ { printf ("\nError : Too many channels %d in input file '%s'.\n", sfinfo.channels, argv[1]) ;
|
|
+ exit (1) ;
|
|
+ }
|
|
+
|
|
state.channels = sfinfo.channels ;
|
|
sfinfo.channels = 1 ;
|
|
|