#! /bin/sh

# CVE-2021-40426
# A heap-based buffer overflow vulnerability exists in the sphere.c
# start_read() functionality of Sound Exchange libsox 14.4.2 and
# master commit 42b3557e. A specially-crafted file can lead to a
# heap buffer overflow. An attacker can provide a malicious file
# to trigger this vulnerability.

# See https://talosintelligence.com/vulnerability_reports/TALOS-2021-1434

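# Regression check: run sox on the proof-of-concept input and translate its
# exit status into a pass/fail result for the caller.
#   sox exits 2 -> sox reported an error while processing the file: pass (0)
#   sox exits 0 -> the malformed input was converted without error: fail (255)
#   any other status (for example one produced by a crash or a sanitizer
#   abort) is passed through unchanged and so also counts as a failure.

poc=poc40426.sph

# Start without a stale core file from an earlier run.
rm -f core

# A missing or unreadable fixture also makes sox fail, and that failure would
# be indistinguishable from the expected rejection of the malformed header.
# Fail explicitly so the check can never pass without exercising the parser.
if [ ! -r "$poc" ]; then
  printf '%s: cannot read %s\n' "$0" "$poc" >&2
  exit 1
fi

# ${sox:-sox} is left unquoted as in the original, presumably so that $sox can
# name a wrapper plus arguments in front of the binary; confirm with the
# test harness before quoting it.
${sox:-sox} "$poc" out.wav
status=$?

# Clean up whatever the run left behind, whether it passed or crashed.
rm -f core out.wav

case "$status" in
  0) status=255 ;;  # accepted the malformed file: the check fails
  2) status=0 ;;    # rejected it with a processing error: the check passes
esac

exit "$status"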
