Overview

File speex-CVE-2020-23903.patch of Package speex.24379

From 870ff845b32f314aec0036641ffe18aba4916887 Mon Sep 17 00:00:00 2001
From: Tristan Matthews <tmatth@videolan.org>
Date: Mon, 13 Jul 2020 23:25:03 -0400
Subject: [PATCH] wav_io: guard against invalid channel numbers

Fixes #13
---
 src/wav_io.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/wav_io.c b/src/wav_io.c
index b518301..09d62eb 100644
--- a/src/wav_io.c
+++ b/src/wav_io.c
@@ -111,7 +111,7 @@ int read_wav_header(FILE *file, int *rate, int *channels, int *format, spx_int32
    stmp = le_short(stmp);
    *channels = stmp;
 
-   if (stmp>2)
+   if (stmp>2 || stmp<1)
    {
       fprintf (stderr, "Only mono and (intensity) stereo supported\n");
       return -1;
-- 
GitLab
openSUSE Build Service is sponsored by
Places