Contents of /trunk/audiofile/patches/audiofile-0.3.6-Always-check-the-number-of-coefficients.patch
Parent Directory | Revision Log
Revision 3077 -
(show annotations)
(download)
Mon Jan 22 12:38:50 2018 UTC (6 years, 8 months ago) by niro
File size: 947 byte(s)
Mon Jan 22 12:38:50 2018 UTC (6 years, 8 months ago) by niro
File size: 947 byte(s)
-added several security and build fixes
1 | From: Antonio Larrosa <larrosa@kde.org> |
2 | Date: Mon, 6 Mar 2017 12:51:22 +0100 |
3 | Subject: Always check the number of coefficients |
4 | |
5 | When building the library with NDEBUG, asserts are eliminated |
6 | so it's better to always check that the number of coefficients |
7 | is inside the array range. |
8 | |
9 | This fixes the 00191-audiofile-indexoob issue in #41 |
10 | --- |
11 | libaudiofile/WAVE.cpp | 6 ++++++ |
12 | 1 file changed, 6 insertions(+) |
13 | |
14 | diff --git a/libaudiofile/WAVE.cpp b/libaudiofile/WAVE.cpp |
15 | index 9dd8511..0fc48e8 100644 |
16 | --- a/libaudiofile/WAVE.cpp |
17 | +++ b/libaudiofile/WAVE.cpp |
18 | @@ -281,6 +281,12 @@ status WAVEFile::parseFormat(const Tag &id, uint32_t size) |
19 | |
20 | /* numCoefficients should be at least 7. */ |
21 | assert(numCoefficients >= 7 && numCoefficients <= 255); |
22 | + if (numCoefficients < 7 || numCoefficients > 255) |
23 | + { |
24 | + _af_error(AF_BAD_HEADER, |
25 | + "Bad number of coefficients"); |
26 | + return AF_FAIL; |
27 | + } |
28 | |
29 | m_msadpcmNumCoefficients = numCoefficients; |
30 |