vlc | branch: master | Zinuo Han <[email protected]> | Thu Feb 28 16:39:26 2019 +0100| [80ae65aa0878e54d78b277b37af9a82dcf6cb1f1] | committer: Hugo Beauzée-Luyssen
ogg: Fix potential use after free https://hackerone.com/reports/501938 Signed-off-by: Hugo Beauzée-Luyssen <[email protected]> > http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=80ae65aa0878e54d78b277b37af9a82dcf6cb1f1 --- modules/demux/ogg.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/modules/demux/ogg.c b/modules/demux/ogg.c index b57bf968ca..ac349371c2 100644 --- a/modules/demux/ogg.c +++ b/modules/demux/ogg.c @@ -1543,8 +1543,11 @@ static int Ogg_FindLogicalStreams( demux_t *p_demux ) return VLC_EGENERIC; } - /* FIXME: check return value */ - ogg_stream_packetpeek( &p_stream->os, &oggpacket ); + if ( ogg_stream_packetpeek( &p_stream->os, &oggpacket ) != 1 ) + { + msg_Err( p_demux, "error in ogg_stream_packetpeek" ); + return VLC_EGENERIC; + } /* Check for Vorbis header */ if( oggpacket.bytes >= 7 && _______________________________________________ vlc-commits mailing list [email protected] https://mailman.videolan.org/listinfo/vlc-commits
