There is a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service.
There is a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service.
https://bugzilla.redhat.com/show_bug.cgi?id=1643812 https://github.com/libsndfile/libsndfile/issues/435 https://github.com/libsndfile/libsndfile/pull/439 https://github.com/libsndfile/libsndfile/commit/42132c543358cee9f7c3e9e9b15bb6c1063a608e