rpi-buildroot/package/sox/0011-CVE-2023-32627-Filter-null-sampling-rate-in-VOC-code.patch

From 2ab4f13af84f224cfbdd997e027c7348156de463 Mon Sep 17 00:00:00 2001
From: Helmut Grohne <helmut@subdivi.de>
Date: Sat, 17 May 2025 23:07:34 +0200
Subject: [PATCH] CVE-2023-32627 Filter null sampling rate in VOC coder

Avoid a divide by zero and out of bound read by rejecting null sampling rate in VOC file

bug: https://sourceforge.net/p/sox/bugs/369/
bug-redhat: https://bugzilla.redhat.com/show_bug.cgi?id=2212282
bug-debian: https://bugs.debian.org/1041112
bug-debian-security: https://security-tracker.debian.org/tracker/CVE-2023-32627

CVE: CVE-2023-32627
Upstream: https://sourceforge.net/p/sox/bugs/369/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
---
 src/voc.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/voc.c b/src/voc.c
index 0ca07f94..d8b982c5 100644
--- a/src/voc.c
+++ b/src/voc.c
@@ -353,6 +353,11 @@ static size_t read_samples(sox_format_t * ft, sox_sample_t * buf,
             v->block_remaining = 0;
             return done;
           }
+          if(uc == 0) {
+            lsx_fail_errno(ft, EINVAL, "invalid rate value");
+            v->block_remaining = 0;
+            return done;
+          }
           *buf = SOX_UNSIGNED_8BIT_TO_SAMPLE(uc,);
           lsx_adpcm_init(&v->adpcm, 6 - v->size, SOX_SAMPLE_TO_SIGNED_16BIT(*buf, ft->clips));
           ++buf;
-- 
2.49.0