Description: Fix for CVE-2017-6892
Author: Erik de Castro Lopez
Origin: https://github.com/erikd/libsndfile/commit/f833c53cb596e9e1792949f762e0b33661822748
Applied-Upstream: https://github.com/erikd/libsndfile/commit/f833c53cb596e9e1792949f762e0b33661822748
Last-Update: 2017-06-20
---
This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
--- libsndfile.orig/src/aiff.c
+++ libsndfile/src/aiff.c
@@ -1905,7 +1905,7 @@
 psf_binheader_readf (psf, "j", dword - bytesread) ;
 if (map_info->channel_map != NULL)
- { size_t chanmap_size = psf->sf.channels * sizeof (psf->channel_map [0]) ;
+ { size_t chanmap_size = SF_MIN (psf->sf.channels, layout_tag & 0xffff) * sizeof (psf->channel_map [0]) ;
 free (psf->channel_map) ;
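Review bot: With the clamp on the added line, `chanmap_size` can now cover fewer entries than `psf->sf.channels`, so any code elsewhere that still sizes its reads of `psf->channel_map` by `psf->sf.channels` would run past the smaller buffer; nothing in this hunk shows whether such readers exist, so they should be audited or the mismatch rejected when the chunk is parsed. The mask `layout_tag & 0xffff` carries the whole bounds argument and has no explanation; a comment such as `/* low 16 bits of the layout tag presumably hold its channel count: never copy more entries than the static map provides */` would let a maintainer see why the bound is safe, once confirmed against the tag table. The types of `psf->sf.channels` and `layout_tag` are declared outside the hunk; if either is signed, it is worth confirming that a negative value cannot reach `SF_MIN` and be converted to a very large `size_t`. The enclosing function starts and ends outside the hunk, so the code that consumes `chanmap_size` is not visible here.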