diff options
author | Erik de Castro Lopo <erikd@mega-nerd.com> | 2014-11-18 07:20:25 -0800 |
---|---|---|
committer | Erik de Castro Lopo <erikd@mega-nerd.com> | 2014-11-20 21:46:39 +1100 |
commit | 5b3033a2b355068c11fe637e14ac742d273f076e (patch) | |
tree | bdb47c483b955620f4bc7913312ed000f4784f13 | |
parent | d8d171705a5d8e3ff9c24f1ff9edd17dd68939a7 (diff) | |
download | flac-5b3033a2b355068c11fe637e14ac742d273f076e.tar.gz |
src/libFLAC/stream_decoder.c : Fix buffer read overflow.
This is CVE-2014-8962.
Reported-by: Michele Spagnuolo,
Google Security Team <mikispag@google.com>
-rw-r--r-- | src/libFLAC/stream_decoder.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/src/libFLAC/stream_decoder.c b/src/libFLAC/stream_decoder.c index cb66fe25..88a656d1 100644 --- a/src/libFLAC/stream_decoder.c +++ b/src/libFLAC/stream_decoder.c @@ -71,7 +71,7 @@ FLAC_API int FLAC_API_SUPPORTS_OGG_FLAC = * ***********************************************************************/ -static FLAC__byte ID3V2_TAG_[3] = { 'I', 'D', '3' }; +static const FLAC__byte ID3V2_TAG_[3] = { 'I', 'D', '3' }; /*********************************************************************** * @@ -1361,6 +1361,10 @@ FLAC__bool find_metadata_(FLAC__StreamDecoder *decoder) id = 0; continue; } + + if(id >= 3) + return false; + if(x == ID3V2_TAG_[id]) { id++; i = 0; |