An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c allows a NULL pointer dereference. Reference: https://sourceforge.net/p/sox/bugs/318
Created sox tracking bugs for this issue: Affects: fedora-all [bug 1678298]
in lsx_make_lpf, num_taps is passed in a large value (402653185 in poc). malloc then fails here: ``` │360 double * h = malloc(num_taps * sizeof(*h)), sum = 0; ``` sizeof(*h) is 8, which ends up passing around 3GB to malloc, which returns 0. The fix is to check the malloc return code and also potentially sanitize whatever is setting the large num_taps earlier. Code doesn't seem to exist in earlier versions than that shipped in Red Hat Enterprise Linux 7.