vlc | branch: master | Zinuo Han <[email protected]> | Wed Mar 13 17:58:41 2019 +0100| [8f1b86e31376ecbf985a9fa4d34b3056cbbef695] | committer: Hugo Beauzée-Luyssen
asf: Fix potential buffer overrun https://hackerone.com/reports/496376 Signed-off-by: Hugo Beauzée-Luyssen <[email protected]> > http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=8f1b86e31376ecbf985a9fa4d34b3056cbbef695 --- modules/demux/asf/libasf.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/modules/demux/asf/libasf.c b/modules/demux/asf/libasf.c index 7ae87e25e5..b9ea9ab43c 100644 --- a/modules/demux/asf/libasf.c +++ b/modules/demux/asf/libasf.c @@ -1359,6 +1359,9 @@ static int ASF_ReadObject_marker(stream_t *s, asf_object_t *p_obj) p_data = &p_peek[ASF_OBJECT_COMMON_SIZE]; + if( !ASF_HAVE( 16+4+2+2 ) ) + return VLC_EGENERIC; + ASF_GetGUID( &p_mk->i_reserved1, p_data ); ASF_SKIP( 16 ); p_mk->i_count = ASF_READ4(); _______________________________________________ vlc-commits mailing list [email protected] https://mailman.videolan.org/listinfo/vlc-commits
