From 9a829113c88a51e57c1e46473e90609e4b7df151 Mon Sep 17 00:00:00 2001 From: Alex Stewart Date: Tue, 17 Oct 2023 12:19:12 -0400 Subject: [PATCH] ima_adpcm: fix int overflow in ima_reader_init() When calculating sf.frames, pre-cast samplesperblock to sf_count_t, to provide the calculation with enough numeric space to avoid overflows. Other changes in this commit are syntactic, and only to satisfy the git pre-commit syntax checker. CVE: CVE-2022-33065 Fixes: https://github.com/libsndfile/libsndfile/issues/833 Signed-off-by: Alex Stewart --- src/ima_adpcm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/src/ima_adpcm.c +++ b/src/ima_adpcm.c @@ -233,7 +233,7 @@ ima_reader_init (SF_PRIVATE *psf, int bl case SF_FORMAT_AIFF : psf_log_printf (psf, "still need to check block count\n") ; pima->decode_block = aiff_ima_decode_block ; - psf->sf.frames = pima->samplesperblock * pima->blocks / pima->channels ; + psf->sf.frames = (sf_count_t) pima->samplesperblock * pima->blocks / pima->channels ; break ; default :