oggstream: protect against out-of-bounds read

author Edward Hervey <edward@centricular.com>

Sat, 17 Mar 2018 05:33:38 +0000 (06:33 +0100)

committer Edward Hervey <bilboed@bilboed.com>

Sat, 17 Mar 2018 05:34:47 +0000 (06:34 +0100)
author Edward Hervey <edward@centricular.com>
Sat, 17 Mar 2018 05:33:38 +0000 (06:33 +0100)
committer Edward Hervey <bilboed@bilboed.com>
Sat, 17 Mar 2018 05:34:47 +0000 (06:34 +0100)
diff --git a/ext/ogg/gstoggstream.c b/ext/ogg/gstoggstream.c

index 91f65ee..25b880f 100644 (file)
--- a/ext/ogg/gstoggstream.c
+++ b/ext/ogg/gstoggstream.c
@@ -1050,6 +1050,9 @@ static gboolean
  is_header_fLaC (GstOggStream * pad, ogg_packet * packet)
  {
    if (pad->n_header_packets_seen == 1) {
+    if (packet->bytes < 17)
+      return FALSE;
+
      pad->granulerate_n = (packet->packet[14] << 12) |
          (packet->packet[15] << 4) | ((packet->packet[16] >> 4) & 0xf);
    }
author	Edward Hervey <edward@centricular.com>
	Sat, 17 Mar 2018 05:33:38 +0000 (06:33 +0100)
committer	Edward Hervey <bilboed@bilboed.com>
	Sat, 17 Mar 2018 05:34:47 +0000 (06:34 +0100)