[vlc-commits] demux: ogg: fix unwanted heap reading (cid #1048649, cid #1048884)
Francois Cartegnie
git at videolan.org
Wed Nov 27 19:50:29 CET 2013
vlc | branch: master | Francois Cartegnie <fcvlcdev at free.fr> | Wed Nov 27 19:48:43 2013 +0100| [2f13bac44f221b64d376f17dfb48193c671957a4] | committer: Francois Cartegnie
demux: ogg: fix unwanted heap reading (cid #1048649, cid #1048884)
Something clearly wrong with that code, as pointed by coverity.
Due to lack of samples using the old audio format 57 bytes
is a guess regarding the previous boundary check.
> http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=2f13bac44f221b64d376f17dfb48193c671957a4
---
modules/demux/ogg.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules/demux/ogg.c b/modules/demux/ogg.c
index 2c43c39..a9c7ceb 100644
--- a/modules/demux/ogg.c
+++ b/modules/demux/ogg.c
@@ -1680,7 +1680,7 @@ static int Ogg_FindLogicalStreams( demux_t *p_demux )
p_stream->fmt.i_extra = i_extra_size;
p_stream->fmt.p_extra = malloc( p_stream->fmt.i_extra );
if( p_stream->fmt.p_extra )
- memcpy( p_stream->fmt.p_extra, st + 1,
+ memcpy( p_stream->fmt.p_extra, oggpacket.packet + 57,
p_stream->fmt.i_extra );
else
p_stream->fmt.i_extra = 0;
More information about the vlc-commits
mailing list