dr_wav (0.13.3): Coverity flagged Untrusted loop bound (CWE-606)

mackron / dr_libs

Audio decoding libraries for C/C++, each in a single source file.

Other

1.24k stars 205 forks source link

dr_wav (0.13.3): Coverity flagged Untrusted loop bound (CWE-606) #214

Closed kcgen closed 2 years ago

kcgen commented 2 years ago

"An attacker could control the number of times the loop iterates. In drwav__read_smpl_to_metadata_obj: An unscrutinized value from an untrusted source used as a loop bound."

2021-11-28_06-42

mackron commented 2 years ago

Should be fixed in the dev branch. See https://github.com/mackron/dr_libs/issues/213 for discussion.

kcgen commented 2 years ago

Confirmed fixed!