Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Evergreen:11.4
libsndfile
libsndfile-CVE-2011-2696.diff
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File libsndfile-CVE-2011-2696.diff of Package libsndfile
=== modified file 'ChangeLog' --- src/common.h | 1 + src/paf.c | 7 +++++-- src/sndfile.c | 1 + 3 files changed, 7 insertions(+), 2 deletions(-) --- a/src/common.h +++ b/src/common.h @@ -557,6 +557,7 @@ SFE_PAF_VERSION, SFE_PAF_UNKNOWN_FORMAT, SFE_PAF_SHORT_HEADER, + SFE_PAF_BAD_CHANNELS, SFE_SVX_NO_FORM, SFE_SVX_NO_BODY, --- a/src/paf.c +++ b/src/paf.c @@ -163,6 +163,9 @@ { PAF_FMT paf_fmt ; int marker ; + if (psf->filelength < PAF_HEADER_LENGTH) + return SFE_PAF_SHORT_HEADER ; + memset (&paf_fmt, 0, sizeof (paf_fmt)) ; psf_binheader_readf (psf, "pm", 0, &marker) ; @@ -199,8 +202,8 @@ psf->endian = SF_ENDIAN_BIG ; } ; - if (psf->filelength < PAF_HEADER_LENGTH) - return SFE_PAF_SHORT_HEADER ; + if (paf_fmt.channels > SF_MAX_CHANNELS) + return SFE_PAF_BAD_CHANNELS ; psf->datalength = psf->filelength - psf->dataoffset ; --- a/src/sndfile.c +++ b/src/sndfile.c @@ -173,6 +173,7 @@ { SFE_PAF_VERSION , "Error in PAF file, bad version." }, { SFE_PAF_UNKNOWN_FORMAT , "Error in PAF file, unknown format." }, { SFE_PAF_SHORT_HEADER , "Error in PAF file. File shorter than minimal header." }, + { SFE_PAF_BAD_CHANNELS , "Error in PAF file. Bad channel count." }, { SFE_SVX_NO_FORM , "Error in 8SVX / 16SV file, no 'FORM' marker." }, { SFE_SVX_NO_BODY , "Error in 8SVX / 16SV file, no 'BODY' marker." },
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor