ref: f720b34328fbc42b7ad23a94d29fa1b50a6aa359
parent: 42b3557e13e0fe01a83465b672d89faddbe65f49
author: Helmut Grohne <helmut@subdivi.de>
date: Wed Aug 16 22:01:50 EDT 2023
hcom: validate dictsize This patch fixes both CVE-2021-23159 and CVE-2021-23172.
--- a/src/hcom.c
+++ b/src/hcom.c
@@ -141,6 +141,11 @@
return (SOX_EOF);
}
lsx_readw(ft, &dictsize);
+ if (dictsize == 0 || dictsize > 511)
+ {
+ lsx_fail_errno(ft, SOX_EHDR, "Implausible dictionary size in HCOM header");
+ return SOX_EOF;
+ }
/* Translate to sox parameters */
ft->encoding.encoding = SOX_ENCODING_HCOM;
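Review bot: The upper bound `511` in the new check is a magic number whose justification (presumably the fixed capacity of the dictionary buffer that the entries are later read into) lives outside this hunk, so a reader of startread cannot tell whether the bound and the allocation agree; name it once next to the allocation and use it here, e.g. `enum { HCOM_DICT_MAX_ENTRIES = 511 };` and `if (dictsize == 0 || dictsize > HCOM_DICT_MAX_ENTRIES)`, with a comment such as `/* dictsize indexes the fixed-size dictionary; anything larger would overrun it */`. The result of `lsx_readw(ft, &dictsize)` on the line above is still not checked, so on a truncated header the validation runs against whatever value dictsize held before the read; if lsx_readw signals failure like the read guarded by the `return (SOX_EOF);` at the top of the hunk appears to, it should be checked the same way before dictsize is used. A minor style point: the added `return SOX_EOF;` differs from the file's `return (SOX_EOF);` form a few lines up. The enclosing function starts and ends outside this hunk.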