[Ffmpeg-devel] [PATCH] Fix buffer overflows in vorbis.c

Balatoni Denes dbalatoni
Sun Apr 23 23:56:05 CEST 2006


Hi!

In fact vorbis.c doesn't check against the correctness of the values in almost 
any places, but checking for AVCODEC_MAX_AUDIO_FRAME_SIZE didn't even cross 
my mind, so this patch is good :)

vas?rnap 23 ?prilis 2006 22.44-kor Oded Shimon ezeket a bolcs gondolatokat 
fogalmazta meg:
> On Fri, Apr 21, 2006 at 05:20:40PM +0300, Uoti Urpala wrote:
> > +    if (bl0>13 || bl0<6 || bl1>13 || bl1<6 || bl1<bl0) {
>
> Roberto asked me about this - Vorbis spec specifies that blocksize1 must
> always be the bigger (or equal) blocksize. if bl1 is smaller than bl0,
> then the file is damaged/whatever.
>
> Patch is good...
>
> - ods15

bye
Denes

-- 
---
What kills me, doesn't make me stronger.





More information about the ffmpeg-devel mailing list