File libsndfile-CVE-2021-4156.patch of Package libsndfile.22299

From 4c30646abf7834e406f7e2429c70bc254e18beab Mon Sep 17 00:00:00 2001
From: yuawn <ssspeed00@gmail.com>
Date: Wed, 14 Apr 2021 08:38:23 +0000
Subject: [PATCH] flac: Fix improper buffer reusing

---
 src/flac.c |    8 ++++++++
 1 file changed, 8 insertions(+)

--- a/src/flac.c
+++ b/src/flac.c
@@ -60,6 +60,7 @@ typedef struct
 	FLAC__StreamMetadata *metadata ;
 
 	const FLAC__int32 * const * wbuffer ;
+	unsigned wbuffer_size ;
 	FLAC__int32 * rbuffer [FLAC__MAX_CHANNELS] ;
 
 	FLAC__int32* encbuffer ;
@@ -182,6 +183,12 @@ flac_buffer_copy (SF_PRIVATE *psf)
 		return 0 ;
 		} ;
 
+	if (frame->header.blocksize > pflac->wbuffer_size)
+	{	psf_log_printf (psf, "Ooops : frame->header.blocksize (%d) > pflac->wbuffer_size (%d)\n", __func__, __LINE__, frame->header.blocksize, pflac->wbuffer_size) ;
+		psf->error = SFE_INTERNAL ;
+		return 0 ;
+		} ;
+
 	if (pflac->ptr == NULL)
 	{	/*
 		** This pointer is reset to NULL each time the current frame has been
@@ -365,6 +372,7 @@ sf_flac_write_callback (const FLAC__Stre
 	pflac->bufferpos = 0 ;
 
 	pflac->wbuffer = buffer ;
+	pflac->wbuffer_size = pflac->frame->header.blocksize ;
 
 	flac_buffer_copy (psf) ;

Places

File libsndfile-CVE-2021-4156.patch of Package libsndfile.22299

Places