vlc/vlc-3.0 | branch: master | Hugo Beauzée-Luyssen <[email protected]> | Fri Nov 22 14:29:06 2019 +0100| [5a9a71d6e954cc1ad5951310a7ac86e18fd1b2ce] | committer: Hugo Beauzée-Luyssen
contrib: sidplay: Fix out of bound access (cherry picked from commit c3d48d1860914b8a3b11e5912c6ccf0044fcb213) Signed-off-by: Hugo Beauzée-Luyssen <[email protected]> > http://git.videolan.org/gitweb.cgi/vlc/vlc-3.0.git/?a=commit;h=5a9a71d6e954cc1ad5951310a7ac86e18fd1b2ce --- contrib/src/sidplay2/rules.mak | 1 + contrib/src/sidplay2/sidplay2-fix-overflow.patch | 14 ++++++++++++++ 2 files changed, 15 insertions(+) diff --git a/contrib/src/sidplay2/rules.mak b/contrib/src/sidplay2/rules.mak index 9888313732..8b30967fff 100644 --- a/contrib/src/sidplay2/rules.mak +++ b/contrib/src/sidplay2/rules.mak @@ -23,6 +23,7 @@ sidplay-libs: sidplay-libs-$(SID_VERSION).tar.gz .sum-sidplay2 $(APPLY) $(SRC)/sidplay2/sidplay2-smartprt.patch $(APPLY) $(SRC)/sidplay2/sidplay2-noutils.patch $(APPLY) $(SRC)/sidplay2/sidplay2-string.patch + $(APPLY) $(SRC)/sidplay2/sidplay2-fix-overflow.patch $(MOVE) .sidplay2: sidplay-libs diff --git a/contrib/src/sidplay2/sidplay2-fix-overflow.patch b/contrib/src/sidplay2/sidplay2-fix-overflow.patch new file mode 100644 index 0000000000..03e366271f --- /dev/null +++ b/contrib/src/sidplay2/sidplay2-fix-overflow.patch @@ -0,0 +1,14 @@ +--- sidplay-libs/libsidplay/src/sidtune/SidTune.cpp.old 2019-11-22 14:24:46.584743428 +0100 ++++ sidplay-libs/libsidplay/src/sidtune/SidTune.cpp 2019-11-22 14:24:52.620740613 +0100 +@@ -554,6 +554,11 @@ + bool SidTune::acceptSidTune(const char* dataFileName, const char* infoFileName, + Buffer_sidtt<const uint_least8_t>& buf) + { ++ if( buf.len() < fileOffset) ++ { ++ info.statusString = SidTune::txt_corrupt; ++ return false; ++ } + // @FIXME@ - MUS + if ( info.numberOfInfoStrings == 3 ) + { // Add <?> (HVSC standard) to missing title, author, release fields _______________________________________________ vlc-commits mailing list [email protected] https://mailman.videolan.org/listinfo/vlc-commits
