From: Monty <xiphmont@xiph.org>
Date: Wed, 19 Mar 2008 08:03:29 +0000 (+0000)
Subject: dd checks/rejection for absurdly huge codebooks.
X-Git-Tag: v1.3.3~243
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=31a6932beec700aade61c82813d1ba129bf48cb1;p=platform%2Fupstream%2Flibvorbis.git

dd checks/rejection for absurdly huge codebooks.


svn path=/trunk/vorbis/; revision=14604
---

diff --git a/lib/codebook.c b/lib/codebook.c
index d6780dd..df2a68e 100644
--- a/lib/codebook.c
+++ b/lib/codebook.c
@@ -159,6 +159,8 @@ int vorbis_staticbook_unpack(oggpack_buffer *opb,static_codebook *s){
   s->entries=oggpack_read(opb,24);
   if(s->entries==-1)goto _eofout;
 
+  if(_ilog(s->dim)+_ilog(s->entries)>24)goto _eofout;
+
   /* codeword ordering.... length ordered or unordered? */
   switch((int)oggpack_read(opb,1)){
   case 0: