19 lines
742 B
Diff
19 lines
742 B
Diff
Description: Fix for CVE-2017-6892
|
|
Author: Erik de Castro Lopez
|
|
Origin: https://github.com/erikd/libsndfile/commit/f833c53cb596e9e1792949f762e0b33661822748
|
|
Applied-Upstream: https://github.com/erikd/libsndfile/commit/f833c53cb596e9e1792949f762e0b33661822748
|
|
Last-Update: 2017-06-20
|
|
---
|
|
This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
|
|
--- libsndfile.orig/src/aiff.c
|
|
+++ libsndfile/src/aiff.c
|
|
@@ -1905,7 +1905,7 @@
|
|
psf_binheader_readf (psf, "j", dword - bytesread) ;
|
|
|
|
if (map_info->channel_map != NULL)
|
|
- { size_t chanmap_size = psf->sf.channels * sizeof (psf->channel_map [0]) ;
|
|
+ { size_t chanmap_size = SF_MIN (psf->sf.channels, layout_tag & 0xffff) * sizeof (psf->channel_map [0]) ;
|
|
|
|
free (psf->channel_map) ;
|
|
|