35 lines
1.1 KiB
Diff
35 lines
1.1 KiB
Diff
From ac6bc755e84784d3bea75eb63b9156c49e95019c Mon Sep 17 00:00:00 2001
|
|
From: Karl Tomlinson <karlt+@karlt.net>
|
|
Date: Sun, 07 Jan 2024 23:24:05 +0000 (7 months ago)
|
|
Subject: [PATCH] CVE-2024-0745
|
|
|
|
---
|
|
dom/media/webaudio/OscillatorNode.cpp | 4 +++-
|
|
1 file changed, 3 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/dom/media/webaudio/OscillatorNode.cpp b/dom/media/webaudio/OscillatorNode.cpp
|
|
index 2089ce170c..1427f9ece0 100644
|
|
--- a/dom/media/webaudio/OscillatorNode.cpp
|
|
+++ b/dom/media/webaudio/OscillatorNode.cpp
|
|
@@ -293,7 +293,8 @@ class OscillatorNodeEngine final : public AudioNodeEngine {
|
|
return;
|
|
}
|
|
|
|
- if (ticks + WEBAUDIO_BLOCK_SIZE <= mStart || ticks >= mStop) {
|
|
+ if (ticks + WEBAUDIO_BLOCK_SIZE <= mStart || ticks >= mStop ||
|
|
+ mStop <= mStart) {
|
|
ComputeSilence(aOutput);
|
|
|
|
} else {
|
|
@@ -302,6 +303,7 @@ class OscillatorNodeEngine final : public AudioNodeEngine {
|
|
|
|
uint32_t start, end;
|
|
FillBounds(output, ticks, start, end);
|
|
+ MOZ_ASSERT(start < end);
|
|
|
|
// Synthesize the correct waveform.
|
|
switch (mType) {
|
|
--
|
|
2.33.0
|
|
|