From bc2cdd57d549ab3ba59782e9b395d0cd683fd3ac Mon Sep 17 00:00:00 2001 From: =?utf8?q?Tim-Philipp=20M=C3=BCller?= Date: Thu, 14 Dec 2006 15:45:56 +0000 Subject: [PATCH] gst/modplug/libmodplug/sndfile.cpp: Fix potential buffer overflow (CVE-2006-4192) (#385788). Original commit message from CVS: * gst/modplug/libmodplug/sndfile.cpp: Fix potential buffer overflow (CVE-2006-4192) (#385788). --- ChangeLog | 5 +++++ gst/modplug/libmodplug/sndfile.cpp | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 68dcd4f..1036784 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,8 @@ +2006-12-14 Tim-Philipp Müller + + * gst/modplug/libmodplug/sndfile.cpp: + Fix potential buffer overflow (CVE-2006-4192) (#385788). + 2006-12-13 Wim Taymans * gst/qtdemux/qtdemux.c: (gst_qtdemux_get_duration), diff --git a/gst/modplug/libmodplug/sndfile.cpp b/gst/modplug/libmodplug/sndfile.cpp index 5dc1417..23eeac7 100644 --- a/gst/modplug/libmodplug/sndfile.cpp +++ b/gst/modplug/libmodplug/sndfile.cpp @@ -1081,7 +1081,7 @@ UINT CSoundFile::ReadSample(MODINSTRUMENT *pIns, UINT nFlags, LPCSTR lpMemFile, { UINT len = 0, mem = pIns->nLength+6; - if ((!pIns) || (pIns->nLength < 4) || (!lpMemFile)) return 0; + if ((!pIns) || ((int)pIns->nLength < 4) || (!lpMemFile)) return 0; if (pIns->nLength > MAX_SAMPLE_LENGTH) pIns->nLength = MAX_SAMPLE_LENGTH; pIns->uFlags &= ~(CHN_16BIT|CHN_STEREO); if (nFlags & RSF_16BIT) -- 2.7.4