[vlc-devel] [PATCH] wav: fix integer overflow

Tobias Rapp t.rapp at noa-audio.com
Fri May 3 14:24:22 CEST 2013


Fix possible integer overflow when reading wave format chunk.
---
 modules/demux/wav.c |    5 +++++
 1 file changed, 5 insertions(+)

diff --git a/modules/demux/wav.c b/modules/demux/wav.c
index 6a2e146..0101dd0 100644
--- a/modules/demux/wav.c
+++ b/modules/demux/wav.c
@@ -168,6 +168,11 @@ static int Open( vlc_object_t * p_this )
         msg_Err( p_demux, "cannot find 'fmt ' chunk" );
         goto error;
     }
+    if( i_size > INT32_MAX - 2 )
+    {
+        msg_Err( p_demux, "invalid 'fmt ' chunk" );
+        goto error;
+    }
     i_size += 2;
     if( i_size < sizeof( WAVEFORMATEX ) )
     {
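Review bot: The bound in the added `if( i_size > INT32_MAX - 2 )` depends on the type of `i_size`, which this hunk does not show, and neither the code nor the commit message says why `INT32_MAX` was chosen. If `i_size` is an unsigned 32-bit value, the addition on the following `i_size += 2;` line only wraps above `UINT32_MAX - 2`, so the check is stricter than the overflow requires; if it is signed, the later `i_size < sizeof( WAVEFORMATEX )` comparison converts it to unsigned anyway. Please add a one-line comment stating the intended limit and the type assumption. Note also that the check only prevents the wrap: a 'fmt ' chunk size just under 2 GiB still passes and reaches whatever uses `i_size` after this point, so a much smaller sanity cap may be the better guard. The message "invalid 'fmt ' chunk" could also name the cause, for example that the chunk size is too large, so that it reads differently from the "cannot find" error above it in the log.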
-- 
1.7.9.5




