virtualenv/FFmpeg
1
0
Fork 0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-11-21 10:55:51 +02:00
Code Issues Releases Activity

avformat/oggparseflac: check init_get_bits' result

Browse Source 
Check init_get_bits' result for NULL, to avoid dereferencing a NULL
pointer later (CWE-476).
Without this, a segfault happens when trying to decode a handcrafted
ogg-flac file with an absurdly long (e.g. 268435455 bytes) ogg header.

Co-authored-by: James Almer <jamrial@gmail.com>
Signed-off-by: Paul Arzelier <paul.arzelier@free.fr>
This commit is contained in:
Paul Arzelier 2023-05-30 23:21:36 +02:00 committed by James Almer
parent 4d9afbeef5
commit a9042db1d3
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
libavformat/oggparseflac.c
View File

@ -40,7 +40,10 @@ flac_header (AVFormatContext * s, int idx)
if (os->buf[os->pstart] == 0xff)
return 0;
init_get_bits(&gb, os->buf + os->pstart, os->psize*8);
ret = init_get_bits8(&gb, os->buf + os->pstart, os->psize);
if (ret < 0)
return ret;
skip_bits1(&gb); /* metadata_last */
mdt = get_bits(&gb, 7);