shithub: sox

Download patch

ref: 6e177c455fb554327ff8125b6e6dde1568610abe
parent: 7e74b254b2a7c963be0bfce751fc5911fe681c12
author: Mans Rullgard <mans@mansr.com>
date: Sun Nov 5 11:29:28 EST 2017

wav: fix crash if channel count is zero (CVE-2017-11332)

--- a/src/wav.c
+++ b/src/wav.c
@@ -712,6 +712,11 @@
     else
         lsx_report("User options overriding channels read in .wav header");
 
+    if (ft->signal.channels == 0) {
+        lsx_fail_errno(ft, SOX_EHDR, "Channel count is zero");
+        return SOX_EOF;
+    }
+
     if (ft->signal.rate == 0 || ft->signal.rate == dwSamplesPerSecond)
         ft->signal.rate = dwSamplesPerSecond;
     else