[vlc-commits] [Git][videolan/vlc][master] mmsh: check user size bounds
Thomas Guillem (@tguillem)
gitlab at videolan.org
Thu Oct 26 15:26:20 UTC 2023
Thomas Guillem pushed to branch master at VideoLAN / VLC
Commits:
f7f346e6 by Thomas Guillem at 2023-10-26T17:16:24+02:00
mmsh: check user size bounds
- - - - -
1 changed file:
- modules/access/mms/mmsh.c
Changes:
=====================================
modules/access/mms/mmsh.c
=====================================
@@ -926,7 +926,15 @@ static int GetPacket( stream_t * p_access, chunk_t *p_ck )
if( restsize < 8 )
p_ck->i_size2 = 8;
else
+ {
p_ck->i_size2 = GetWLE( p_sys->buffer + 10);
+ if (p_ck->i_size2 < 8 /* Prevent underflow when set to i_data */
+ || p_ck->i_size2 - 8 > BUFFER_SIZE - 12 /* Prevent Out Of Bound Write */)
+ {
+ msg_Err(p_access, "invalid size2: %" PRIu16, p_ck->i_size2);
+ return VLC_EGENERIC;
+ }
+ }
p_ck->p_data = p_sys->buffer + 12;
p_ck->i_data = p_ck->i_size2 - 8;
View it on GitLab: https://code.videolan.org/videolan/vlc/-/commit/f7f346e686405638342721dd1c980d63e542dbe0
--
View it on GitLab: https://code.videolan.org/videolan/vlc/-/commit/f7f346e686405638342721dd1c980d63e542dbe0
You're receiving this email because of your account on code.videolan.org.
VideoLAN code repository instance
More information about the vlc-commits
mailing list