[vlc-devel] commit: Prevent a potential integer overflow (mkv). (Laurent Aimar )
git version control
git at videolan.org
Sun Feb 28 12:58:39 CET 2010
vlc | branch: master | Laurent Aimar <fenrir at videolan.org> | Sun Feb 28 12:48:10 2010 +0100| [add8534f31b7c7ff20503169437d7d47ec3ac156] | committer: Laurent Aimar
Prevent a potential integer overflow (mkv).
> http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=add8534f31b7c7ff20503169437d7d47ec3ac156
---
modules/demux/mkv/mkv.cpp | 4 +++-
modules/demux/mkv/mkv.hpp | 1 +
2 files changed, 4 insertions(+), 1 deletions(-)
diff --git a/modules/demux/mkv/mkv.cpp b/modules/demux/mkv/mkv.cpp
index 1f9fbf9..68fbc44 100644
--- a/modules/demux/mkv/mkv.cpp
+++ b/modules/demux/mkv/mkv.cpp
@@ -458,7 +458,7 @@ static void Seek( demux_t *p_demux, mtime_t i_date, double f_percent, chapter_it
}
/* Utility function for BlockDecode */
-static block_t *MemToBlock( demux_t *p_demux, uint8_t *p_mem, int i_mem, size_t offset)
+static block_t *MemToBlock( demux_t *p_demux, uint8_t *p_mem, size_t i_mem, size_t offset)
{
block_t *p_block;
if( !(p_block = block_New( p_demux, i_mem + offset ) ) ) return NULL;
@@ -536,6 +536,8 @@ static void BlockDecode( demux_t *p_demux, KaxBlock *block, KaxSimpleBlock *simp
{
data = &block->GetBuffer(i);
}
+ if( !data->Buffer() || data->Size() > SIZE_MAX )
+ break;
if( tk->i_compression_type == MATROSKA_COMPRESSION_HEADER && tk->p_compression_data != NULL )
p_block = MemToBlock( p_demux, data->Buffer(), data->Size(), tk->p_compression_data->GetSize() );
diff --git a/modules/demux/mkv/mkv.hpp b/modules/demux/mkv/mkv.hpp
index 7a8e0bc..679dc4f 100644
--- a/modules/demux/mkv/mkv.hpp
+++ b/modules/demux/mkv/mkv.hpp
@@ -34,6 +34,7 @@
* early enough. */
#define __STDC_FORMAT_MACROS 1
#define __STDC_CONSTANT_MACROS 1
+#define __STDC_LIMIT_MACROS 1
#ifdef HAVE_CONFIG_H
# include "config.h"
More information about the vlc-devel
mailing list