slackware-current/patches/source/libcue/fdf72c8bded8d24cfa0608b8e97f2eed210a920e.patch

From fdf72c8bded8d24cfa0608b8e97f2eed210a920e Mon Sep 17 00:00:00 2001
From: Kevin Backhouse <kevinbackhouse@github.com>
Date: Wed, 27 Sep 2023 20:22:43 +0100
Subject: [PATCH] Check that the array index isn't negative. This fixes
 CVE-2023-43641.

Signed-off-by: Kevin Backhouse <kevinbackhouse@github.com>
---
 cd.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cd.c b/cd.c
index cf77a18..4bbea19 100644
--- a/cd.c
+++ b/cd.c
@@ -339,7 +339,7 @@ track_get_rem(const Track* track)
 
 void track_set_index(Track *track, int i, long ind)
 {
-	if (i > MAXINDEX) {
+	if (i < 0 || i > MAXINDEX) {
 		fprintf(stderr, "too many indexes\n");
                 return;
         }