diff options
author | 2020-03-30 09:24:26 +0900 | |
---|---|---|
committer | 2020-03-30 09:24:26 +0900 | |
commit | 5b80bfd7bffd4c20d80b7c70a7130529e9a755dd (patch) | |
tree | b4bb18dcd1487dbf1ea8127e5671b7bb2eded033 /external/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2018-13139.patch | |
parent | 706ad73eb02caf8532deaf5d38995bd258725cb8 (diff) |
agl-basesystem
Diffstat (limited to 'external/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2018-13139.patch')
-rw-r--r-- | external/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2018-13139.patch | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/external/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2018-13139.patch b/external/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2018-13139.patch new file mode 100644 index 00000000..707373d4 --- /dev/null +++ b/external/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2018-13139.patch @@ -0,0 +1,37 @@ +CVE: CVE-2018-13139 +Upstream-Status: Backport [9dc989eb89cd697e19897afa616d6ab0debe4822] +Signed-off-by: Ross Burton <ross.burton@intel.com> + +From 9dc989eb89cd697e19897afa616d6ab0debe4822 Mon Sep 17 00:00:00 2001 +From: "Brett T. Warden" <brett.t.warden@intel.com> +Date: Tue, 28 Aug 2018 12:01:17 -0700 +Subject: [PATCH] Check MAX_CHANNELS in sndfile-deinterleave + +Allocated buffer has space for only 16 channels. Verify that input file +meets this limit. + +Fixes #397 +--- + programs/sndfile-deinterleave.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/programs/sndfile-deinterleave.c b/programs/sndfile-deinterleave.c +index e27593e2..cb497e1f 100644 +--- a/programs/sndfile-deinterleave.c ++++ b/programs/sndfile-deinterleave.c +@@ -89,6 +89,13 @@ main (int argc, char **argv) + exit (1) ; + } ; + ++ if (sfinfo.channels > MAX_CHANNELS) ++ { printf ("\nError : Input file '%s' has too many (%d) channels. Limit is %d.\n", ++ argv [1], sfinfo.channels, MAX_CHANNELS) ; ++ exit (1) ; ++ } ; ++ ++ + state.channels = sfinfo.channels ; + sfinfo.channels = 1 ; + +-- +2.11.0 |