From 94386fdea50da72f167c32ecf375e45fab79cdec Mon Sep 17 00:00:00 2001 From: Erik de Castro Lopo Date: Sun, 1 May 2016 20:34:26 +1000 Subject: libFLAC: Add metadata size checks to FLAC library This follows on from the previous patch. Patch-from: lvqcl --- src/libFLAC/metadata_iterators.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'src/libFLAC/metadata_iterators.c') diff --git a/src/libFLAC/metadata_iterators.c b/src/libFLAC/metadata_iterators.c index 9356416e..1acb19c6 100644 --- a/src/libFLAC/metadata_iterators.c +++ b/src/libFLAC/metadata_iterators.c @@ -2536,6 +2536,9 @@ FLAC__bool write_metadata_block_header_cb_(FLAC__IOHandle handle, FLAC__IOCallba FLAC__byte buffer[FLAC__STREAM_METADATA_HEADER_LENGTH]; FLAC__ASSERT(block->length < (1u << FLAC__STREAM_METADATA_LENGTH_LEN)); + /* double protection */ + if(block->length >= (1u << FLAC__STREAM_METADATA_LENGTH_LEN)) + return false; buffer[0] = (block->is_last? 0x80 : 0) | (FLAC__byte)block->type; pack_uint32_(block->length, buffer + 1, 3); -- cgit v1.2.1