[vlc-commits] packetizer: dts: check header values range
Francois Cartegnie
git at videolan.org
Wed Mar 29 11:53:04 CEST 2017
vlc | branch: master | Francois Cartegnie <fcvlcdev at free.fr> | Wed Mar 29 11:52:24 2017 +0200| [6fee63fd5b582ce0e05eb568661f875310084014] | committer: Francois Cartegnie
packetizer: dts: check header values range
> http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=6fee63fd5b582ce0e05eb568661f875310084014
---
modules/packetizer/dts_header.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/modules/packetizer/dts_header.c b/modules/packetizer/dts_header.c
index 04cf25e..8074a62 100644
--- a/modules/packetizer/dts_header.c
+++ b/modules/packetizer/dts_header.c
@@ -269,7 +269,11 @@ static int dts_header_ParseCore( vlc_dts_header_t *p_header,
bs_init( &s, p_buffer, VLC_DTS_HEADER_SIZE );
bs_skip( &s, 32 /*SYNC*/ + 1 /*FTYPE*/ + 5 /*SHORT*/ + 1 /*CPF*/ );
uint8_t i_nblks = bs_read( &s, 7 );
+ if( i_nblks < 5 )
+ return VLC_EGENERIC;
uint16_t i_fsize = bs_read( &s, 14 );
+ if( i_fsize < 95 )
+ return VLC_EGENERIC;
uint8_t i_amode = bs_read( &s, 6 );
uint8_t i_sfreq = bs_read( &s, 4 );
uint8_t i_rate = bs_read( &s, 5 );
More information about the vlc-commits
mailing list