Package: lv2-dev Version: 1.14.0~dfsg1-1 Severity: important Dear Maintainer,
The following header makes use of smallest possible pointer in LV2_Event_Buffer struct's data field. lv2/lv2plug.in/ns/ext/event/event.h Please change it to biggest possible pointer. It should be definitely void* type because the memory pointed by data shall contain another struct LV2_Event. This describes an integer overflow. There shouldn't be any overflow. -- System Information: Debian Release: buster/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 4.9.0-1-rt-amd64 (SMP w/24 CPU cores; PREEMPT) Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) -- no debconf information
