projects
/
platform
/
upstream
/
libvorbis.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
| inline |
side by side
Fix CVE-2018-10392 : Sanity check number of channels in setup
[platform/upstream/libvorbis.git]
/
lib
/
vorbisenc.c
diff --git
a/lib/vorbisenc.c
b/lib/vorbisenc.c
index
f0f7c08
..
2862cfd
100644
(file)
--- a/
lib/vorbisenc.c
+++ b/
lib/vorbisenc.c
@@
-685,6
+685,7
@@
int vorbis_encode_setup_init(vorbis_info *vi){
highlevel_encode_setup *hi=&ci->hi;
if(ci==NULL)return(OV_EINVAL);
+ if(vi->channels<1||vi->channels>255)return(OV_EINVAL);
if(!hi->impulse_block_p)i0=1;
/* too low/high an ATH floater is nonsensical, but doesn't break anything */