[SoX-devel] [PATCH 2/8] hcom: fix crash on input with corrupt dictionary (CVE-2017-11358)

Mans Rullgard Thu, 26 Apr 2018 06:16:54 -0700

---
 src/hcom.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/hcom.c b/src/hcom.c
index e76820e9333f..ee28cba24218 100644
--- a/src/hcom.c
+++ b/src/hcom.c
@@ -150,6 +150,11 @@ static int startread(sox_format_t * ft)
                 lsx_debug("%d %d",
                        p->dictionary[i].dict_leftson,
                        p->dictionary[i].dict_rightson);
+                if ((unsigned) p->dictionary[i].dict_leftson >= dictsize ||
+                    (unsigned) p->dictionary[i].dict_rightson >= dictsize) {
+                        lsx_fail_errno(ft, SOX_EHDR, "Invalid dictionary");
+                        return SOX_EOF;
+                }
         }
         rc = lsx_skipbytes(ft, (size_t) 1); /* skip pad byte */
         if (rc)
-- 
2.17.0



------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
SoX-devel mailing list
SoX-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sox-devel

[SoX-devel] [PATCH 2/8] hcom: fix crash on input with corrupt dictionary (CVE-2017-11358)

Reply via email to