[libbluray-devel] Fix possible OOB read when converting 16-bit CS0 (corrupt input)
Petri Hintukainen
git at videolan.org
Mon Jun 12 13:42:40 CEST 2017
libudfread | branch: master | Petri Hintukainen <phintuka at gmail.com> | Mon Jun 12 14:41:12 2017 +0300| [c2da5a49dd1fa0b3ab3c26a02337ad0105d79deb] | committer: Petri Hintukainen
Fix possible OOB read when converting 16-bit CS0 (corrupt input)
> http://git.videolan.org/gitweb.cgi/libudfread.git/?a=commit;h=c2da5a49dd1fa0b3ab3c26a02337ad0105d79deb
---
src/udfread.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/udfread.c b/src/udfread.c
index f10b7be..834226d 100644
--- a/src/udfread.c
+++ b/src/udfread.c
@@ -195,7 +195,7 @@ static char *_cs0_to_utf8(const uint8_t *cs0, size_t size)
}
break;
case 16:
- for (i = 1; i < size; i+=2) {
+ for (i = 1; i < size - 1; i+=2) {
uint16_t ch = cs0[i + 1] | (cs0[i] << 8);
utf16_to_utf8(out, out_pos, out_size, ch);
}
More information about the libbluray-devel
mailing list