[vlc-commits] demux: flac: reject broken seek table

[Francois Cartegnie]

vlc/vlc-3.0 | branch: master | Francois Cartegnie <fcvlcdev at free.fr> | Thu Mar 15 20:13:34 2018 +0100| [385d9d95a3b88d3ff78827f247a4519ddcbb9054] | committer: Francois Cartegnie

demux: flac: reject broken seek table

(cherry picked from commit adb75830489603ce5a0c78a00f6d66871ab53913)

> http://git.videolan.org/gitweb.cgi/vlc/vlc-3.0.git/?a=commit;h=385d9d95a3b88d3ff78827f247a4519ddcbb9054
---

 modules/demux/flac.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/modules/demux/flac.c b/modules/demux/flac.c
index 22ed917b04..4f497ff6ee 100644
--- a/modules/demux/flac.c
+++ b/modules/demux/flac.c
@@ -761,8 +761,9 @@ static void ParseSeekTable( demux_t *p_demux, const uint8_t *p_data, size_t i_da
         const int64_t i_sample = GetQWBE( &p_data[4+18*i+0] );
         int j;
 
-        if( i_sample < 0 || i_sample >= INT64_MAX )
-            continue;
+        if( i_sample < 0 || i_sample >= INT64_MAX ||
+            GetQWBE( &p_data[4+18*i+8] ) < FLAC_STREAMINFO_SIZE )
+            break;
 
         s = xmalloc( sizeof (*s) );
         s->i_time_offset = i_sample * CLOCK_FREQ / i_sample_rate;