File libvorbis-CVE-2012-0444.diff of Package libvorbis - openSUSE Build Service

File libvorbis-CVE-2012-0444.diff of Package libvorbis

--- tmp/lib/floor1.c.orig	2012-03-02 12:19:52.193120575 +0100
+++ tmp/lib/floor1.c	2012-03-02 12:25:11.241135869 +0100
@@ -157,6 +157,7 @@
 
   for(j=0,k=0;j<info->partitions;j++){
     count+=info->class_dim[info->partitionclass[j]]; 
+    if(count>VIF_POSIT) goto err_out;
     for(;k<count;k++){
       int t=info->postlist[k+2]=oggpack_read(opb,rangebits);
       if(t<0 || t>=(1<<rangebits))

openSUSE Build Service is sponsored by