Bug#932082: sox: CVE-2019-13590

To: 932082@bugs.debian.org
Subject: Bug#932082: sox: CVE-2019-13590
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Wed, 5 Feb 2020 08:06:36 +0100
Message-id: <[🔎] 20200205070636.GA1488408@eldamar.local>
Reply-to: Salvatore Bonaccorso <carnil@debian.org>, 932082@bugs.debian.org
In-reply-to: <156313540623.27098.8286424452475699156.reportbug@eldamar.local>
References: <156313540623.27098.8286424452475699156.reportbug@eldamar.local> <156313540623.27098.8286424452475699156.reportbug@eldamar.local>

Hi,

On Sun, Jul 14, 2019 at 10:16:46PM +0200, Salvatore Bonaccorso wrote:
> Source: sox
> Version: 14.4.2+git20190427-1
> Severity: important
> Tags: security upstream
> Forwarded: https://sourceforge.net/p/sox/bugs/325/
> 
> Hi,
> 
> The following vulnerability was published for sox.
> 
> CVE-2019-13590[0]:
> | An issue was discovered in libsox.a in SoX 14.4.2. In sox-fmt.h
> | (startread function), there is an integer overflow on the result of
> | integer addition (wraparound to 0) fed into the lsx_calloc macro that
> | wraps malloc. When a NULL pointer is returned, it is used without a
> | prior check that it is a valid pointer, leading to a NULL pointer
> | dereference on lsx_readbuf in formats_i.c.

This has been fixed upstream with
https://sourceforge.net/p/sox/code/ci/7b6a889217d62ed7e28188621403cc7542fd1f7e/
.

Regards,
Salvatore

Reply to:

Prev by Date: Bug#950705: zita-resampler FTCBFS: incomplete patch application, new issue
Next by Date: Processing of mpd-sima_0.15.2-1_source.changes
Previous by thread: Processed: Bug#950705 marked as pending in zita-resampler
Next by thread: Processing of mpd-sima_0.15.2-1_source.changes
Index(es):
- Date
- Thread