New take on CVE-2018-17097 i.e. avoiding writing beyond end of buffer in case of 24-bit samples

Olli 2018-10-31 18:36:05 +02:00
parent 6d700259b9
commit 7f594f8b7d


@ -924,8 +924,7 @@ void WavOutFile::write(const float *buffer, int numElems)
bytesPerSample = header.format.bits_per_sample / 8;
numBytes = numElems * bytesPerSample;
int confBufBytes = (numBytes + 3) & -4; // round up to nearest multiple of four to avoid overflow with 24bit-value assignment
void *temp = getConvBuffer(confBufBytes);
void *temp = getConvBuffer(numBytes + 7); // round bit up to avoid buffer overrun with 24bit-value assignment
switch (bytesPerSample)
{