File vorbis-CVE-2018-10393.patch of Package libvorbis.7657
---
lib/psy.c | 4 ++++
1 file changed, 4 insertions(+)
--- a/lib/psy.c
+++ b/lib/psy.c
@@ -605,6 +605,7 @@ static void bark_noise_hybridmp(int n,co
hi = b[i] & 0xffff;
if( lo>=0 ) break;
if( hi>=n ) break;
+ if( -lo >=n ) break;
tN = N[hi] + N[-lo];
tX = X[hi] - X[-lo];
@@ -627,6 +628,7 @@ static void bark_noise_hybridmp(int n,co
lo = b[i] >> 16;
hi = b[i] & 0xffff;
if(hi>=n)break;
+ if(lo >=n)break;
tN = N[hi] - N[lo];
tX = X[hi] - X[lo];
@@ -656,6 +658,7 @@ static void bark_noise_hybridmp(int n,co
hi = i + fixed / 2;
lo = hi - fixed;
if(lo>=0)break;
+ if( hi>=n || -lo >=n ) break;
tN = N[hi] + N[-lo];
tX = X[hi] - X[-lo];
@@ -676,6 +679,7 @@ static void bark_noise_hybridmp(int n,co
hi = i + fixed / 2;
lo = hi - fixed;
if(hi>=n)break;
+ if( hi>=n || lo >=n ) break;
tN = N[hi] - N[lo];
tX = X[hi] - X[lo];