[libbluray-devel] Fix infinite loop (corrupt input)
Petri Hintukainen
git at videolan.org
Sat Jun 24 19:07:19 CEST 2017
libudfread | branch: master | Petri Hintukainen <phintuka at gmail.com> | Sat Jun 24 20:01:56 2017 +0300| [65765bef621aeb94946cfdb2fb95c24587785667] | committer: Petri Hintukainen
Fix infinite loop (corrupt input)
> http://git.videolan.org/gitweb.cgi/libudfread.git/?a=commit;h=65765bef621aeb94946cfdb2fb95c24587785667
---
src/udfread.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/src/udfread.c b/src/udfread.c
index e2dc9f0..18ac985 100644
--- a/src/udfread.c
+++ b/src/udfread.c
@@ -584,6 +584,11 @@ static int _parse_udf_partition_maps(udfread_block_input *input,
uint8_t len = _get_u8(map + 1);
uint16_t ref;
+ if (len < 2) {
+ udf_error("invalid partition map length %d\n", (int)len);
+ break;
+ }
+
udf_trace("map %u: type %u\n", i, type);
if (map + len > end) {
udf_error("partition map table too short !\n");
More information about the libbluray-devel
mailing list