rpm/aubio
SHA256
1
0
Fork 0
forked from pool/aubio
Code Pull Requests Activity
aubio/0001-src-pitch-pitchyinfft.c-fix-out-of-bound-read-when-s.patch
Takashi Iwai a3d4a60444 Accepting request 627873 from home:tiwai:branches:multimedia:libs 
- Fix minor security issues leading to segfault or buffer overread
  (CVE-2018-14522, bsc#1102359, CVE-2018-14523, bsc#1102364):
  0001-src-pitch-pitchyinfft.c-fix-out-of-bound-read-when-s.patch
  0002-src-pitch-pitchyinfft.c-comment-out-debug-output.patch
  0001-src-notes-notes.c-bail-out-if-pitch-creation-failed-.patch
  0002-src-io-source_wavread.c-also-exit-if-samplerate-is-n.patch
- Refresh the previous fixes from the upstream version
  aubio-wavread-input-validation.patch
  aubio-resampler-NULL-deref-fix.patch

OBS-URL: https://build.opensuse.org/request/show/627873
OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/aubio?expand=0&rev=25
2018-08-07 13:34:56 +00:00

37 lines
1.4 KiB
Diff
Raw Blame History

From af4f9e6a93b629fb6defa2a229ec828885b9d187 Mon Sep 17 00:00:00 2001
From: Paul Brossier <piem@piem.org>
Date: Mon, 6 Aug 2018 13:41:52 +0200
Subject: [PATCH] src/pitch/pitchyinfft.c: fix out of bound read when
samplerate > 50kHz (closes: #189)
---
src/pitch/pitchyinfft.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/pitch/pitchyinfft.c b/src/pitch/pitchyinfft.c
index f213ef2406cf..493ca08d40e0 100644
--- a/src/pitch/pitchyinfft.c
+++ b/src/pitch/pitchyinfft.c
@@ -44,7 +44,7 @@ static const smpl_t freqs[] = {
0., 20., 25., 31.5, 40., 50., 63., 80., 100., 125.,
160., 200., 250., 315., 400., 500., 630., 800., 1000., 1250.,
1600., 2000., 2500., 3150., 4000., 5000., 6300., 8000., 9000., 10000.,
- 12500., 15000., 20000., 25100
+ 12500., 15000., 20000., 25100., -1.
};
static const smpl_t weight[] = {
@@ -72,7 +72,8 @@ new_aubio_pitchyinfft (uint_t samplerate, uint_t bufsize)
p->weight = new_fvec (bufsize / 2 + 1);
for (i = 0; i < p->weight->length; i++) {
freq = (smpl_t) i / (smpl_t) bufsize *(smpl_t) samplerate;
- while (freq > freqs[j]) {
+ while (freq > freqs[j] && freqs[j] > 0) {
+ AUBIO_DBG("freq %3.5f > %3.5f \tsamplerate %d (Hz) \t(weight length %d, bufsize %d) %d %d\n", freq, freqs[j], samplerate, p->weight->length, bufsize, i, j);
j += 1;
}
a0 = weight[j - 1];
--
2.18.0
View Git Blame Copy Permalink