[vlc-commits] ogg: Fix potential use after free
Zinuo Han
git at videolan.org
Thu May 23 17:20:58 CEST 2019
vlc | branch: master | Zinuo Han <ele7enxxh at gmail.com> | Thu Feb 28 16:39:26 2019 +0100| [80ae65aa0878e54d78b277b37af9a82dcf6cb1f1] | committer: Hugo Beauzée-Luyssen
ogg: Fix potential use after free
https://hackerone.com/reports/501938
Signed-off-by: Hugo Beauzée-Luyssen <hugo at beauzee.fr>
> http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=80ae65aa0878e54d78b277b37af9a82dcf6cb1f1
---
modules/demux/ogg.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/modules/demux/ogg.c b/modules/demux/ogg.c
index b57bf968ca..ac349371c2 100644
--- a/modules/demux/ogg.c
+++ b/modules/demux/ogg.c
@@ -1543,8 +1543,11 @@ static int Ogg_FindLogicalStreams( demux_t *p_demux )
return VLC_EGENERIC;
}
- /* FIXME: check return value */
- ogg_stream_packetpeek( &p_stream->os, &oggpacket );
+ if ( ogg_stream_packetpeek( &p_stream->os, &oggpacket ) != 1 )
+ {
+ msg_Err( p_demux, "error in ogg_stream_packetpeek" );
+ return VLC_EGENERIC;
+ }
/* Check for Vorbis header */
if( oggpacket.bytes >= 7 &&
More information about the vlc-commits
mailing list