mirror of
https://gitlab.alpinelinux.org/alpine/aports.git
synced 2025-07-24 11:45:18 +03:00
20 lines
672 B
Diff
20 lines
672 B
Diff
From: Helmut Grohne <helmut@subdivi.de>
|
|
Subject: voc: word width should never be 0 to avoid division by zero
|
|
Bug: https://sourceforge.net/p/sox/bugs/351/
|
|
Bug-Debian: https://bugs.debian.org/1010374
|
|
|
|
This patch fixes both CVE-2021-3643 and CVE-2021-23210.
|
|
|
|
--- a/src/voc.c
|
|
+++ b/src/voc.c
|
|
@@ -614,6 +614,10 @@
|
|
v->rate = new_rate_32;
|
|
ft->signal.rate = new_rate_32;
|
|
lsx_readb(ft, &uc);
|
|
+ if (uc == 0) {
|
|
+ lsx_fail_errno(ft, SOX_EFMT, "word width is zero?");
|
|
+ return (SOX_EOF);
|
|
+ }
|
|
v->size = uc;
|
|
lsx_readb(ft, &(v->channels));
|
|
lsx_readw(ft, &(v->format)); /* ANN: added format */
|