Skip to content

Commit f833c53

Browse files
committed
src/aiff.c: Fix a buffer read overflow
Secunia Advisory SA76717. Found by: Laurent Delosieres, Secunia Research at Flexera Software
1 parent 66aa47f commit f833c53

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

Diff for: src/aiff.c

+1-1
Original file line numberDiff line numberDiff line change
@@ -1759,7 +1759,7 @@ aiff_read_chanmap (SF_PRIVATE * psf, unsigned dword)
17591759
psf_binheader_readf (psf, "j", dword - bytesread) ;
17601760

17611761
if (map_info->channel_map != NULL)
1762-
{ size_t chanmap_size = psf->sf.channels * sizeof (psf->channel_map [0]) ;
1762+
{ size_t chanmap_size = SF_MIN (psf->sf.channels, layout_tag & 0xffff) * sizeof (psf->channel_map [0]) ;
17631763

17641764
free (psf->channel_map) ;
17651765

0 commit comments

Comments
 (0)