- Related CVE defects
https://nvd.nist.gov/vuln/detail/CVE-2017-7586
- Fixed by applying following upstream patch.
https://github.com/erikd/libsndfile/commit/
f457b7b5ecfe91697ed01cfc825772c4d8de1236
Change-Id: I5d95a79e6d6353fd57d9953d1824a1fa9545a492
/*
-** Copyright (C) 2010-2011 Erik de Castro Lopo <erikd@mega-nerd.com>
+** Copyright (C) 2010-2017 Erik de Castro Lopo <erikd@mega-nerd.com>
**
** This program is free software; you can redistribute it and/or modify
** it under the terms of the GNU Lesser General Public License as published by
/* Calculate new file offset and position ourselves there. */
psf->fileoffset += offset + 10 ;
- psf_binheader_readf (psf, "p", psf->fileoffset) ;
- return 1 ;
+ if (psf->fileoffset < psf->filelength)
+ { psf_binheader_readf (psf, "p", psf->fileoffset) ;
+ return 1 ;
+ } ;
} ;
return 0 ;