Note:
This project will be discontinued after December 13, 2021. [more]
2018-04-29
An issue was discovered in WavPack 5.1.0 and earlier for W64 input. Out-of-bounds writes can occur because ParseWave64HeaderConfig in wave64.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytes_to_copy calculation and subsequent malloc call, leading to insufficient memory allocation.
Products | Debian_linux, Wavpack |
Type | Out-of-bounds Write (CWE-787) |
First patch |
https://github.com/dbry/WavPack/commit/6f8bb34c2993a48ab9afbe353e6d0cff7c8d821d |
Relevant file/s |
• ./cli/dsdiff.c (modified, +8, -1)
• ./cli/riff.c (modified, +8, -1) • ./cli/wave64.c (modified, +8, -1) |
Links |
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6CFFFWIWALGQPKINRDW3PRGRD5LOLGZA/
• https://github.com/dbry/WavPack/issues/33 • https://www.debian.org/security/2018/dsa-4197 • https://usn.ubuntu.com/3637-1/ • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BRWQNE3TH5UF64IKHKKHVCHJHUOVKJUH/ |
Navigation
Patch data:
Patched area:
(on by default)
Patched area: