Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP1:GA
taglib.7690
taglib-CVE-2018-11439.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File taglib-CVE-2018-11439.patch of Package taglib.7690
From 272648ccfcccae30e002ccf34a22e075dd477278 Mon Sep 17 00:00:00 2001 From: Scott Gayou <github.scott@gmail.com> Date: Mon, 4 Jun 2018 11:34:36 -0400 Subject: [PATCH] Fixed OOB read when loading invalid ogg flac file. (#868) CVE-2018-11439 is caused by a failure to check the minimum length of a ogg flac header. This header is detailed in full at: https://xiph.org/flac/ogg_mapping.html. Added more strict checking for entire header. --- taglib/ogg/flac/oggflacfile.cpp | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/taglib/ogg/flac/oggflacfile.cpp b/taglib/ogg/flac/oggflacfile.cpp index 53d04508a..07ea9dccc 100644 --- a/taglib/ogg/flac/oggflacfile.cpp +++ b/taglib/ogg/flac/oggflacfile.cpp @@ -231,11 +231,21 @@ void Ogg::FLAC::File::scan() if(!metadataHeader.startsWith("fLaC")) { // FLAC 1.1.2+ + // See https://xiph.org/flac/ogg_mapping.html for the header specification. + if(metadataHeader.size() < 13) + return; + + if(metadataHeader[0] != 0x7f) + return; + if(metadataHeader.mid(1, 4) != "FLAC") return; - if(metadataHeader[5] != 1) - return; // not version 1 + if(metadataHeader[5] != 1 && metadataHeader[6] != 0) + return; // not version 1.0 + + if(metadataHeader.mid(9, 4) != "fLaC") + return; metadataHeader = metadataHeader.mid(13); }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor