Home / exploits VLC 2.0.8 Buffer Overflow
Posted on 01 October 2013
mp4a packetizer: fix buffer overflow author Rafaël Carré <funman@videolan.org> Sat, 24 Aug 2013 22:10:31 +0200 (22:10 +0200) committer Rafaël Carré <funman@videolan.org> Sat, 24 Aug 2013 22:10:47 +0200 (22:10 +0200) modules/packetizer/mpeg4audio.c patch | blob | history diff --git a/modules/packetizer/mpeg4audio.c b/modules/packetizer/mpeg4audio.c index aaad221..c951295 100644 (file) --- a/modules/packetizer/mpeg4audio.c +++ b/modules/packetizer/mpeg4audio.c @@ -804,8 +804,11 @@ static int LOASParse(decoder_t *p_dec, uint8_t *p_buffer, int i_buffer) continue; /* FIXME that's slow (and a bit ugly to write in place) */ - for (int i = 0; i < pi_payload[i_program][i_layer]; i++) + for (int i = 0; i < pi_payload[i_program][i_layer]; i++) { + if (i_accumulated >= i_buffer) + return 0; p_buffer[i_accumulated++] = bs_read(&s, 8); + } } } } else {
