Skip to content

Instantly share code, notes, and snippets.

@bsdb0y

bsdb0y/lame_3.99.5_cve_2017_9411.patch

Created August 28, 2017 10:34
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save bsdb0y/1134ded7e84bb5de2f53f6f66a69d23a to your computer and use it in GitHub Desktop.
Save bsdb0y/1134ded7e84bb5de2f53f6f66a69d23a to your computer and use it in GitHub Desktop.
Download ZIP
Patch for CVE-2017-9411 in LAME 3.99.5
Raw
lame_3.99.5_cve_2017_9411.patch
diff --git a/libmp3lame/util.c b/libmp3lame/util.c
index adde6c4..43c28b8 100644
--- a/libmp3lame/util.c
+++ b/libmp3lame/util.c
@@ -614,7 +614,14 @@ fill_buffer_resample(lame_internal_flags * gfc,
sample_t y;
assert(j2 < len);
assert(j2 + BLACKSIZE >= 0);
+
y = (j2 < 0) ? inbuf_old[BLACKSIZE + j2] : inbuf[j2];
+
+ if ((esv->blackfilt == NULL) || ((unsigned int)esv->blackfilt[joff] == 0x00))
+ {
+ printf("Invalid memory access occured. Input file is probably corrupted.\n");
+ exit(-1);
+ }
#ifdef PRECOMPUTE
xvalue += y * esv->blackfilt[joff][i];
#else
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment