[vlc-commits] ogg: Fix potential use after free
Zinuo Han
git at videolan.org
Thu May 23 17:40:26 CEST 2019
vlc/vlc-3.0 | branch: master | Zinuo Han <ele7enxxh at gmail.com> | Thu Feb 28 16:39:26 2019 +0100| [2da2ed02b5ae3ffbefe448d848e602367d797c63] | committer: Hugo Beauzée-Luyssen
ogg: Fix potential use after free
https://hackerone.com/reports/501938
Signed-off-by: Hugo Beauzée-Luyssen <hugo at beauzee.fr>
(cherry picked from commit 80ae65aa0878e54d78b277b37af9a82dcf6cb1f1)
Signed-off-by: Hugo Beauzée-Luyssen <hugo at beauzee.fr>
> http://git.videolan.org/gitweb.cgi/vlc/vlc-3.0.git/?a=commit;h=2da2ed02b5ae3ffbefe448d848e602367d797c63
---
modules/demux/ogg.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/modules/demux/ogg.c b/modules/demux/ogg.c
index e018d21058..69fa492c42 100644
--- a/modules/demux/ogg.c
+++ b/modules/demux/ogg.c
@@ -1614,8 +1614,11 @@ static int Ogg_FindLogicalStreams( demux_t *p_demux )
return VLC_EGENERIC;
}
- /* FIXME: check return value */
- ogg_stream_packetpeek( &p_stream->os, &oggpacket );
+ if ( ogg_stream_packetpeek( &p_stream->os, &oggpacket ) != 1 )
+ {
+ msg_Err( p_demux, "error in ogg_stream_packetpeek" );
+ return VLC_EGENERIC;
+ }
/* Check for Vorbis header */
if( oggpacket.bytes >= 7 &&
More information about the vlc-commits
mailing list