There is a reachable assertion abort in the function sox_append_comment in formats.c in Sound eXchange 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file.