Commit ba72fd45 authored by Gabor Karsay

Add security patch for CVE-2017-92xx

parent fba81bae
Description: Fix CVE-2017-9258, CVE-2017-9259, CVE-2017-9260
Based on an upstream commit; the original commit message was: "Added sanity
checks against illegal input audio stream parameters e.g. wildly excessive
There is no reference to CVEs or bugs; the commit was made after disclosure
of the CVEs, and all three proofs of concept (crafted wav files) fail after
this commit.
The commit was made after version 2.0.0, so that version is also vulnerable.
Unrelated changes were stripped away by the patch author; the upstream commit
author is Olli Parviainen <>.
Author: Gabor Karsay <>
Origin: upstream,
This patch header follows DEP-3:
--- a/source/SoundTouch/TDStretch.cpp
+++ b/source/SoundTouch/TDStretch.cpp
@@ -128,7 +128,12 @@
int aSeekWindowMS, int aOverlapMS)
// accept only positive parameter values - if zero or negative, use old values instead
- if (aSampleRate > 0) this->sampleRate = aSampleRate;
+ if (aSampleRate > 0)
+ {
+ if (aSampleRate > 192000) ST_THROW_RT_ERROR("Error: Excessive samplerate");
+ this->sampleRate = aSampleRate;
+ }
if (aOverlapMS > 0) this->overlapMs = aOverlapMS;
if (aSequenceMS > 0)
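Review bot: the new upper bound in `if (aSampleRate > 192000) ST_THROW_RT_ERROR("Error: Excessive samplerate");` is a bare magic number and the only parameter bounded in this hunk; aOverlapMS, aSequenceMS and aSeekWindowMS are still accepted with any positive value, so if this patch is meant to address all three CVEs, confirm that equivalent limits on those parameters exist further down the function (outside the lines shown here) or add them. Give the limit a named constant with a short comment explaining why 192000 was chosen, and update the existing comment "accept only positive parameter values - if zero or negative, use old values instead", which no longer describes the full behaviour now that an excessive value is rejected with an exception rather than ignored. Since ST_THROW_RT_ERROR turns a setter call into a throwing call, callers of this function, including the command-line tool that processes the crafted wav files, need to be prepared to catch it rather than terminate on an unhandled exception.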
