unofficial mirror of guix-devel@gnu.org 
 help / color / mirror / code / Atom feed
blob ffd65b43b0fbf91c7ed8ad95178b183fe1800fae 1034 bytes (raw)
name: patches/audiofile-CVE-2018-13440.patch 	 # note: path name is non-authoritative(*)

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
 
From fde6d79fb8363c4a329a184ef0b107156602b225 Mon Sep 17 00:00:00 2001
From: Wim Taymans <wtaymans@redhat.com>
Date: Thu, 27 Sep 2018 10:48:45 +0200
Subject: [PATCH] ModuleState: handle compress/decompress init failure

When the unit initcompress or initdecompress function fails,
m_fileModule is NULL. Return AF_FAIL in that case instead of
causing NULL pointer dereferences later.

Fixes #49
---
 libaudiofile/modules/ModuleState.cpp | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/libaudiofile/modules/ModuleState.cpp b/libaudiofile/modules/ModuleState.cpp
index 0c29d7a..070fd9b 100644
--- a/libaudiofile/modules/ModuleState.cpp
+++ b/libaudiofile/modules/ModuleState.cpp
@@ -75,6 +75,9 @@ status ModuleState::initFileModule(AFfilehandle file, Track *track)
 		m_fileModule = unit->initcompress(track, file->m_fh, file->m_seekok,
 			file->m_fileFormat == AF_FILE_RAWDATA, &chunkFrames);
 
+	if (!m_fileModule)
+		return AF_FAIL;
+
 	if (unit->needsRebuffer)
 	{
 		assert(unit->nativeSampleFormat == AF_SAMPFMT_TWOSCOMP);

debug log:

solving ffd65b43b0fbf91c7ed8ad95178b183fe1800fae ...
found ffd65b43b0fbf91c7ed8ad95178b183fe1800fae in https://git.savannah.gnu.org/cgit/guix.git

(*) Git path names are given by the tree(s) the blob belongs to.
    Blobs themselves have no identifier aside from the hash of its contents.^

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/guix.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).