Takashi Iwai
2ba3b200ab
- Apply various fix patches taken from Debian package; it fixes also other entries (CVE-2022-31650 bsc#1212060 CVE-2023-34318 bsc#1212062 CVE-2023-34432 bsc#1212063): CVE-2019-13590.patch CVE-2021-3643.patch CVE-2021-23159.patch CVE-2021-33844.patch CVE-2021-40426.patch CVE-2022-31650.patch CVE-2022-31651.patch - Fix floating point exception in src/voc.c (CVE-2023-32627 bsc#1212061): CVE-2023-32627.patch OBS-URL: https://build.opensuse.org/request/show/1120234 OBS-URL: https://build.opensuse.org/package/show/multimedia:apps/sox?expand=0&rev=45
29 lines
822 B
Diff
29 lines
822 B
Diff
From: Helmut Grohne <helmut@subdivi.de>
|
|
Subject: sphere: avoid integer underflow
|
|
Link: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1434
|
|
Bug: https://sourceforge.net/p/sox/bugs/362/
|
|
Bug-Debian: https://bugs.debian.org/1012138
|
|
|
|
--- a/src/sphere.c
|
|
+++ b/src/sphere.c
|
|
@@ -63,7 +63,8 @@
|
|
return (SOX_EOF);
|
|
}
|
|
|
|
- header_size -= (strlen(buf) + 1);
|
|
+ bytes_read = strlen(buf);
|
|
+ header_size -= bytes_read >= header_size ? header_size : bytes_read + 1;
|
|
|
|
while (strncmp(buf, "end_head", (size_t)8) != 0) {
|
|
if (strncmp(buf, "sample_n_bytes", (size_t)14) == 0)
|
|
@@ -105,7 +106,8 @@
|
|
return (SOX_EOF);
|
|
}
|
|
|
|
- header_size -= (strlen(buf) + 1);
|
|
+ bytes_read = strlen(buf);
|
|
+ header_size -= bytes_read >= header_size ? header_size : bytes_read + 1;
|
|
}
|
|
|
|
if (!bytes_per_sample)
|