Annotation of /trunk/audiofile/patches/audiofile-0.3.6-Always-check-the-number-of-coefficients.patch
Parent Directory
| 
Revision Log
Revision 3077 -
(hide annotations)
(download)
Mon Jan 22 12:38:50 2018 UTC (6 years, 5 months ago) by niro
File size: 947 byte(s)
Mon Jan 22 12:38:50 2018 UTC (6 years, 5 months ago) by niro
File size: 947 byte(s)
-added several security and build fixes
| 1 | niro | 3077 | From: Antonio Larrosa <larrosa@kde.org> |
| 2 | Date: Mon, 6 Mar 2017 12:51:22 +0100 | ||
| 3 | Subject: Always check the number of coefficients | ||
| 4 | |||
| 5 | When building the library with NDEBUG, asserts are eliminated | ||
| 6 | so it's better to always check that the number of coefficients | ||
| 7 | is inside the array range. | ||
| 8 | |||
| 9 | This fixes the 00191-audiofile-indexoob issue in #41 | ||
| 10 | --- | ||
| 11 | libaudiofile/WAVE.cpp | 6 ++++++ | ||
| 12 | 1 file changed, 6 insertions(+) | ||
| 13 | |||
| 14 | diff --git a/libaudiofile/WAVE.cpp b/libaudiofile/WAVE.cpp | ||
| 15 | index 9dd8511..0fc48e8 100644 | ||
| 16 | --- a/libaudiofile/WAVE.cpp | ||
| 17 | +++ b/libaudiofile/WAVE.cpp | ||
| 18 | @@ -281,6 +281,12 @@ status WAVEFile::parseFormat(const Tag &id, uint32_t size) | ||
| 19 | |||
| 20 | /* numCoefficients should be at least 7. */ | ||
| 21 | assert(numCoefficients >= 7 && numCoefficients <= 255); | ||
| 22 | + if (numCoefficients < 7 || numCoefficients > 255) | ||
| 23 | + { | ||
| 24 | + _af_error(AF_BAD_HEADER, | ||
| 25 | + "Bad number of coefficients"); | ||
| 26 | + return AF_FAIL; | ||
| 27 | + } | ||
| 28 | |||
| 29 | m_msadpcmNumCoefficients = numCoefficients; | ||
| 30 |