vlc | branch: master | Hugo Beauzée-Luyssen <[email protected]> | Wed Aug 7 17:36:37 2019 +0200| [fdbdd677c1e6262f31771b0ba10afb24aabf108c] | committer: Hugo Beauzée-Luyssen
asf: Fix out of bound read p_data is already offset by 64 bytes, so we need to propagate that offset to the boundary check CVE-2019-14776 > http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=fdbdd677c1e6262f31771b0ba10afb24aabf108c --- modules/demux/asf/asf.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/demux/asf/asf.c b/modules/demux/asf/asf.c index 9dd30eb462..441d9ec7e4 100644 --- a/modules/demux/asf/asf.c +++ b/modules/demux/asf/asf.c @@ -1105,7 +1105,7 @@ static int DemuxInit( demux_t *p_demux ) { GET_CHECKED( fmt.i_extra, __MIN( GetWLE( &p_data[16] ), p_sp->i_type_specific_data_length - - sizeof( WAVEFORMATEX ) ), + sizeof( WAVEFORMATEX ) - 64), INT_MAX, uint32_t ); fmt.p_extra = malloc( fmt.i_extra ); if ( fmt.p_extra ) _______________________________________________ vlc-commits mailing list [email protected] https://mailman.videolan.org/listinfo/vlc-commits
