vlc/vlc-3.0 | branch: master | Zinuo Han <[email protected]> | Wed Mar 13 17:58:41 2019 +0100| [dff02de2e49c1e3f8e74cfbe8cc0b5d28d7fa0b1] | committer: Hugo Beauzée-Luyssen
asf: Fix potential buffer overrun https://hackerone.com/reports/496376 Signed-off-by: Hugo Beauzée-Luyssen <[email protected]> (cherry picked from commit 8f1b86e31376ecbf985a9fa4d34b3056cbbef695) Signed-off-by: Hugo Beauzée-Luyssen <[email protected]> > http://git.videolan.org/gitweb.cgi/vlc/vlc-3.0.git/?a=commit;h=dff02de2e49c1e3f8e74cfbe8cc0b5d28d7fa0b1 --- modules/demux/asf/libasf.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/modules/demux/asf/libasf.c b/modules/demux/asf/libasf.c index 317f513220..89ebcbf501 100644 --- a/modules/demux/asf/libasf.c +++ b/modules/demux/asf/libasf.c @@ -1359,6 +1359,9 @@ static int ASF_ReadObject_marker(stream_t *s, asf_object_t *p_obj) p_data = &p_peek[ASF_OBJECT_COMMON_SIZE]; + if( !ASF_HAVE( 16+4+2+2 ) ) + return VLC_EGENERIC; + ASF_GetGUID( &p_mk->i_reserved1, p_data ); ASF_SKIP( 16 ); p_mk->i_count = ASF_READ4(); _______________________________________________ vlc-commits mailing list [email protected] https://mailman.videolan.org/listinfo/vlc-commits
