Bug#507165: patch
tags 507165 patch thanks attached is what i believe is a patch for this problem against the version in unstable. i haven't tested this yet, but it looks very straightforward... review appreciated in any event. i'm rolling this along with the patch for the CVE-2008-5234 into an upcoming nmu. sean -- --- old/src/demuxers/demux_qt.c 2008-12-26 20:20:39.0 +0100 +++ good/src/demuxers/demux_qt.c 2008-12-26 20:26:32.0 +0100 @@ -947,10 +947,18 @@ /* allocate space for each of the properties unions */ trak-stsd_atoms_count = _X_BE_32(trak_atom[i + 8]); - trak-stsd_atoms = calloc(trak-stsd_atoms_count, sizeof(properties_t)); - if (!trak-stsd_atoms) { -last_error = QT_NO_MEMORY; + /* add sanity check on user-supplied data */ + if(trak-stsd_atoms_count = 0) { +last_error = QT_NOT_A_VALID_FILE; +trak-stsd_atoms_count = 0; +trak-stsd_atoms = NULL; goto free_trak; + } else { +trak-stsd_atoms = calloc(trak-stsd_atoms_count, sizeof(properties_t)); +if (!trak-stsd_atoms) { + last_error = QT_NO_MEMORY; + goto free_trak; +} } atom_pos = i + 0x10; signature.asc Description: Digital signature
Bug#507165: patch
I demand that sean finney may or may not have written... attached is what i believe is a patch for this problem against the version in unstable. i haven't tested this yet, but it looks very straightforward... review appreciated in any event. i'm rolling this along with the patch for the CVE-2008-5234 into an upcoming nmu. Not needed. We already have a patch which, along with some others, is waiting for review before I commit them, release 1.1.16 then backport the patches for lenny. [m-f-t set] -- | Darren Salt| linux or ds at | nr. Ashington, | Toon | RISC OS, Linux | youmustbejoking,demon,co,uk | Northumberland | Army | + Generate power using sun, wind, water, nuclear. FORGET COAL AND OIL. The tigers of wrath are wiser than the horses of instruction. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org