From 915e154e2deb327612ca413c838365b7c9bfbf16 Mon Sep 17 00:00:00 2001 From: Alex Stewart Date: Tue, 17 Oct 2023 11:57:23 -0400 Subject: [PATCH 15/17] pcm: fix int overflow in pcm_init() Cast the int-sized bytewidth variable to a long-sized sf_count_t type prior to calculating the blockwidth, to provide the calculation with enough numeric space and sf_count_t is the final typing regardless. CVE: CVE-2022-33065 Fixes: https://github.com/libsndfile/libsndfile/issues/833 Signed-off-by: Alex Stewart Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/libsndfile/tree/debian/patches/CVE-2022-33065/CVE-2022-33065-11.patch?h=ubuntu/jammy-security Upstream commit https://github.com/libsndfile/libsndfile/commit/915e154e2deb327612ca413c838365b7c9bfbf16] CVE: CVE-2022-33065 Signed-off-by: Vijay Anusuri --- src/pcm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/pcm.c b/src/pcm.c index bdf461839..a42e48681 100644 --- a/src/pcm.c +++ b/src/pcm.c @@ -127,7 +127,7 @@ pcm_init (SF_PRIVATE *psf) return SFE_INTERNAL ; } ; - psf->blockwidth = psf->bytewidth * psf->sf.channels ; + psf->blockwidth = (sf_count_t) psf->bytewidth * psf->sf.channels ; if ((SF_CODEC (psf->sf.format)) == SF_FORMAT_PCM_S8) chars = SF_CHARS_SIGNED ;
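Review bot: In the changed assignment in pcm_init(), the fix works only because the cast binds to `psf->bytewidth` alone, so the multiplication is carried out in sf_count_t, and nothing in the code says so. A later tidy-up to `(sf_count_t) (psf->bytewidth * psf->sf.channels)` would compile cleanly and bring back the int multiplication and the overflow. Suggest a one-line comment above the assignment stating that the operand is widened before the multiply. The commit message describes sf_count_t as "long-sized"; the change only helps where sf_count_t is wider than int, so the message would be more precise if it named the width it relies on. The visible context shows no bound on `psf->sf.channels` before this line; if no earlier check enforces one, a range check here would be worth adding alongside the cast. Minor: the backport header carries the `CVE: CVE-2022-33065` tag twice, and one of them can be dropped.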