projects / platform / upstream / libvorbis.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: fabb555)
Fix CVE-2018-10392 : Sanity check number of channels in setup 93/216993/1 accepted/tizen_6.0_unified accepted/tizen_6.0_unified_hotfix tizen_6.0 tizen_6.0_hotfix accepted/tizen/6.0/unified/20201030.105652 accepted/tizen/6.0/unified/hotfix/20201102.235021 accepted/tizen/6.0/unified/hotfix/20201103.045914 accepted/tizen/unified/20191106.124652 submit/tizen/20191106.041052 submit/tizen_6.0/20201029.205502 submit/tizen_6.0_hotfix/20201102.192902 submit/tizen_6.0_hotfix/20201103.115102 tizen_6.0.m2_release
authorJeongmo Yang <jm80.yang@samsung.com>
Tue, 5 Nov 2019 07:31:50 +0000 (16:31 +0900)
committerJeongmo Yang <jm80.yang@samsung.com>
Tue, 5 Nov 2019 09:17:36 +0000 (18:17 +0900)
Change-Id: I14540b2c3f455f4eeb5ef43d8f90865fdcc801c2
Signed-off-by: Jeongmo Yang <jm80.yang@samsung.com>
lib/vorbisenc.c patch | blob | history

diff --git a/lib/vorbisenc.c b/lib/vorbisenc.c
index f0f7c08..2862cfd 100644 (file)
--- a/lib/vorbisenc.c
+++ b/lib/vorbisenc.c
@@ -685,6 +685,7 @@ int vorbis_encode_setup_init(vorbis_info *vi){
   highlevel_encode_setup *hi=&ci->hi;
 
   if(ci==NULL)return(OV_EINVAL);
+  if(vi->channels<1||vi->channels>255)return(OV_EINVAL);
   if(!hi->impulse_block_p)i0=1;
 
   /* too low/high an ATH floater is nonsensical, but doesn't break anything */
Domain: Multimedia / Media Playback;