Package: sox / 14.4.2+git20190427-5

0017-CVE-2019-8357.patch Patch series | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
From: Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>
Date: Sat, 11 Nov 2023 18:18:40 +0100
Subject: CVE-2019-8357

---
 src/effects_i_dsp.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/effects_i_dsp.c b/src/effects_i_dsp.c
index e32dfa0..88b1b39 100644
--- a/src/effects_i_dsp.c
+++ b/src/effects_i_dsp.c
@@ -362,6 +362,9 @@ double * lsx_make_lpf(int num_taps, double Fc, double beta, double rho,
   assert(Fc >= 0 && Fc <= 1);
   lsx_debug("make_lpf(n=%i Fc=%.7g β=%g ρ=%g dc-norm=%i scale=%g)", num_taps, Fc, beta, rho, dc_norm, scale);
 
+  if (!h)
+    return NULL;
+
   for (i = 0; i <= m / 2; ++i) {
     double z = i - .5 * m, x = z * M_PI, y = z * mult1;
     h[i] = x? sin(Fc * x) / x : Fc;