void-packages/srcpkgs/libvorbis/patches/CVE-2017-14633.patch at f108c5f85edad4fd3f42a6939025998017cd8b13 - snailed/void-packages - Forgejo: Beyond coding. We forge.

snailed/void-packages

Helmut Pozimski 2f2c5d85d6 libvorbis: add patches for CVE-2017-14632 and CVE-2017-14633

patches via Debian, originally from upstream
c1c2831fc7
a79ec216cd

Closes: #11657 [via git-merge-pr]

2018-02-20 17:14:33 -05:00

11 lines

282 B

Diff

Raw Blame History

 --- lib/info.c
 +++ lib/info.c
@@ -583,7 +583,7 @@ int vorbis_analysis_headerout(vorbis_dsp
    oggpack_buffer opb;
    private_state *b=v->backend_state;
 -  if(!b||vi->channels<=0){
 +  if(!b||vi->channels<=0||vi->channels>256){
      b = NULL;
      ret=OV_EFAULT;
      goto err_out;