vlc | branch: master | Hugo Beauzée-Luyssen <[email protected]> | Fri Nov 22 14:29:06 2019 +0100| [c3d48d1860914b8a3b11e5912c6ccf0044fcb213] | committer: Hugo Beauzée-Luyssen
contrib: sidplay: Fix out of bound access > http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=c3d48d1860914b8a3b11e5912c6ccf0044fcb213 --- contrib/src/sidplay2/rules.mak | 1 + contrib/src/sidplay2/sidplay2-fix-overflow.patch | 14 ++++++++++++++ 2 files changed, 15 insertions(+) diff --git a/contrib/src/sidplay2/rules.mak b/contrib/src/sidplay2/rules.mak index de77935774..0a303363db 100644 --- a/contrib/src/sidplay2/rules.mak +++ b/contrib/src/sidplay2/rules.mak @@ -26,6 +26,7 @@ sidplay-libs: sidplay-libs-$(SID_VERSION).tar.gz .sum-sidplay2 $(APPLY) $(SRC)/sidplay2/sidplay-fix-ln-s.patch $(APPLY) $(SRC)/sidplay2/sidplay2-resid-dependency.patch $(APPLY) $(SRC)/sidplay2/sidplay2-char-cast.patch + $(APPLY) $(SRC)/sidplay2/sidplay2-fix-overflow.patch $(MOVE) .sidplay2: sidplay-libs diff --git a/contrib/src/sidplay2/sidplay2-fix-overflow.patch b/contrib/src/sidplay2/sidplay2-fix-overflow.patch new file mode 100644 index 0000000000..03e366271f --- /dev/null +++ b/contrib/src/sidplay2/sidplay2-fix-overflow.patch @@ -0,0 +1,14 @@ +--- sidplay-libs/libsidplay/src/sidtune/SidTune.cpp.old 2019-11-22 14:24:46.584743428 +0100 ++++ sidplay-libs/libsidplay/src/sidtune/SidTune.cpp 2019-11-22 14:24:52.620740613 +0100 +@@ -554,6 +554,11 @@ + bool SidTune::acceptSidTune(const char* dataFileName, const char* infoFileName, + Buffer_sidtt<const uint_least8_t>& buf) + { ++ if( buf.len() < fileOffset) ++ { ++ info.statusString = SidTune::txt_corrupt; ++ return false; ++ } + // @FIXME@ - MUS + if ( info.numberOfInfoStrings == 3 ) + { // Add <?> (HVSC standard) to missing title, author, release fields _______________________________________________ vlc-commits mailing list [email protected] https://mailman.videolan.org/listinfo/vlc-commits
