Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Evergreen:11.1:Test
libvorbis
libvorbis-r16217-CVE-2009-2663.diff
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File libvorbis-r16217-CVE-2009-2663.diff of Package libvorbis
--- lib/info.c | 2 ++ 1 file changed, 2 insertions(+) --- a/lib/info.c +++ b/lib/info.c @@ -236,6 +236,7 @@ int i; int vendorlen=oggpack_read(opb,32); if(vendorlen<0)goto err_out; + if(vendorlen>opb->storage-8)goto err_out; vc->vendor=_ogg_calloc(vendorlen+1,1); _v_readstring(opb,vc->vendor,vendorlen); vc->comments=oggpack_read(opb,32); @@ -246,6 +247,7 @@ for(i=0;i<vc->comments;i++){ int len=oggpack_read(opb,32); if(len<0)goto err_out; + if(len>opb->storage-oggpack_bytes(opb))goto err_out; vc->comment_lengths[i]=len; vc->user_comments[i]=_ogg_calloc(len+1,1); _v_readstring(opb,vc->user_comments[i],len);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor