[vlc-commits] asf: Reject streams with invalid entry time interval
Hugo Beauzée-Luyssen
git at videolan.org
Wed Aug 14 18:13:28 CEST 2019
vlc | branch: master | Hugo Beauzée-Luyssen <hugo at beauzee.fr> | Fri Aug 2 14:02:44 2019 +0200| [4d2f92b67e99a04553305ffd7656f0308c520d1f] | committer: Hugo Beauzée-Luyssen
asf: Reject streams with invalid entry time interval
CVE-2019-14535
> http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=4d2f92b67e99a04553305ffd7656f0308c520d1f
---
modules/demux/asf/libasf.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/modules/demux/asf/libasf.c b/modules/demux/asf/libasf.c
index c2510f6ddd..d949c4848b 100644
--- a/modules/demux/asf/libasf.c
+++ b/modules/demux/asf/libasf.c
@@ -276,6 +276,12 @@ static int ASF_ReadObject_Index( stream_t *s, asf_object_t *p_obj )
#endif
/* Sanity checking */
+ if( !p_index->i_index_entry_time_interval )
+ {
+ /* We can't use this index if it has an invalid time interval */
+ p_index->i_index_entry_count = 0;
+ return VLC_ENOMEM;
+ }
if( p_index->i_index_entry_count > (p_index->i_object_size - 56) / 6 )
p_index->i_index_entry_count = (p_index->i_object_size - 56) / 6;
More information about the vlc-commits
mailing list