#! /bin/sh

# CVE-2017-11332

# https://www.exploit-db.com/exploits/42398
# Author: qflb.wu
# The startread function in wav.c in Sound eXchange(SoX) 14.4.2 can cause
# a denial of service (divide-by-zero error and application crash) via a
# crafted wav file.
# Proof of Concept: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/42398.zip

# 14.4.2:
# dumps core and exits 136

# Debian:
# sox FAIL formats: can't open input file `sox_14.4.2_divide_by_zero_error_1.wav': Channel count is zero
# and exits 2

# 42b355
# sox FAIL formats: can't open input file `sox_14.4.2_divide_by_zero_error_1.wav': Channel count is zero
# and exits 2

rm -f core

${sox:-sox} sox_14.4.2_divide_by_zero_error_1.wav out.wav
status=$?

rm -f core

case "$status" in
0) status=255;;
2) status=0;;
esac

exit $status
