[MPlayer-cvslog] r25919 - branches/1.0rc2/libmpdemux/demux_audio.c
rtogni
subversion at mplayerhq.hu
Tue Jan 29 23:11:01 CET 2008
Author: rtogni
Date: Tue Jan 29 23:11:01 2008
New Revision: 25919
Log:
Properly check length of flac metadata.
Security fix backported from r25917
Modified:
branches/1.0rc2/libmpdemux/demux_audio.c
Modified: branches/1.0rc2/libmpdemux/demux_audio.c
==============================================================================
--- branches/1.0rc2/libmpdemux/demux_audio.c (original)
+++ branches/1.0rc2/libmpdemux/demux_audio.c Tue Jan 29 23:11:01 2008
@@ -229,6 +229,8 @@ get_flac_metadata (demuxer_t* demuxer)
ptr += 4;
comment = ptr;
+ if (&comment[length] < comments || &comment[length] >= &comments[blk_len])
+ return;
c = comment[length];
comment[length] = 0;
More information about the MPlayer-cvslog
mailing list