Miniaudio Heap Out-of-Bounds Read Vulnerability in WAV BEXT Metadata Parsing

A heap out-of-bounds read vulnerability has been identified in Miniaudio versions through 0.11.25. This vulnerability resides in the WAV BEXT metadata parser, where improper handling of null termination in the coding history field allows attackers to craft WAV files that trigger memory access violations. Exploitation of this vulnerability can lead to application crashes or a denial-of-service condition.

Impact

Exploitation of this vulnerability causes a heap-buffer-overflow (out-of-bounds read) error, which can lead to memory access violations and application crashes.

Reproduction

The vulnerability can be reproduced by creating a WAV file with a BEXT chunk that includes a coding history field lacking a null terminator. This crafted WAV file can then be processed using Miniaudio, which will read past the allocated memory for the BEXT metadata, causing a heap out-of-bounds read error. The issue can be confirmed by using AddressSanitizer, which will report the heap-buffer-overflow error when the file is processed.

Remediation

Users are advised to update to Miniaudio version 0.11.26 or later, where this vulnerability has been fixed.