openSUSE:Evergreen:11.1:kernel-2.6.32
File libvorbis-r16218-CVE-2009-2663.diff of Package libvorbis
--- lib/res0.c | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) --- a/lib/res0.c +++ b/lib/res0.c @@ -208,16 +208,27 @@ info->partitions=oggpack_read(opb,6)+1; info->groupbook=oggpack_read(opb,8); + /* check for premature EOP */ + if(info->groupbook<0)goto errout; + for(j=0;j<info->partitions;j++){ int cascade=oggpack_read(opb,3); - if(oggpack_read(opb,1)) - cascade|=(oggpack_read(opb,5)<<3); + int cflag=oggpack_read(opb,1); + if(cflag<0) goto errout; + if(cflag){ + int c=oggpack_read(opb,5); + if(c<0) goto errout; + cascade|=(c<<3); + } info->secondstages[j]=cascade; acc+=icount(cascade); } - for(j=0;j<acc;j++) - info->booklist[j]=oggpack_read(opb,8); + for(j=0;j<acc;j++){ + int book=oggpack_read(opb,8); + if(book<0) goto errout; + info->booklist[j]=book; + } if(info->groupbook>=ci->books)goto errout; for(j=0;j<acc;j++)
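Review bot: in the partitions loop, `int cascade=oggpack_read(opb,3);` is the one read left without a `<0` check, while the `cflag`, `c` and `book` reads in the same hunk are all checked. As written, a negative return from that 3-bit read is rejected only if the following 1-bit `cflag` read also comes back negative; otherwise the negative value is stored in `info->secondstages[j]` and passed to `icount()`. Adding `if(cascade<0) goto errout;` directly after the read would make the check independent of the next read, or a comment should state that the `cflag` check is relied on to cover it. The context line `info->partitions=oggpack_read(opb,6)+1;` is in the same position: it is covered only indirectly by the new `groupbook<0` check, which is worth saying in the `/* check for premature EOP */` comment.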