[vlc-commits] SMF: avoid a DOS if the SMF header is invalid
Ludovic Fauvet
git at videolan.org
Tue Apr 3 10:22:41 CEST 2012
vlc/vlc-1.1 | branch: master | Ludovic Fauvet <etix at videolan.org> | Mon Apr 2 17:19:14 2012 +0200| [3eb9534023873256c37f1cccd9d18e692487a485] | committer: Jean-Baptiste Kempf
SMF: avoid a DOS if the SMF header is invalid
Reported by Marcin 'Icewall' Noga from Hispasec
Signed-off-by: Jean-Baptiste Kempf <jb at videolan.org>
(cherry picked from commit e6003756a15b832cd63a8d007b1142f838aaea75)
Signed-off-by: Jean-Baptiste Kempf <jb at videolan.org>
(cherry picked from commit d862c1b90ff84caa018918c0fb1fa802a3e5bba4)
Signed-off-by: Jean-Baptiste Kempf <jb at videolan.org>
> http://git.videolan.org/gitweb.cgi/vlc/vlc-1.1.git/?a=commit;h=3eb9534023873256c37f1cccd9d18e692487a485
---
modules/demux/smf.c | 8 +++++++-
1 files changed, 7 insertions(+), 1 deletions(-)
diff --git a/modules/demux/smf.c b/modules/demux/smf.c
index 6b21157..fd002f3 100644
--- a/modules/demux/smf.c
+++ b/modules/demux/smf.c
@@ -211,7 +211,13 @@ static int Open (vlc_object_t * p_this)
for (;;)
{
- stream_Read (stream, head, 8);
+ if (stream_Read (stream, head, 8) < 8)
+ {
+ /* FIXME: don't give up if we have at least one valid track */
+ msg_Err (p_this, "incomplete SMF chunk, file is corrupted");
+ goto error;
+ }
+
if (memcmp (head, "MTrk", 4) == 0)
break;
More information about the vlc-commits
mailing list