diff options
| author | Edward Hervey <edward@centricular.com> | 2018-03-17 06:33:38 +0100 |
|---|---|---|
| committer | Edward Hervey <bilboed@bilboed.com> | 2018-03-17 06:34:47 +0100 |
| commit | 17d5f0831660ebc9ea12fc836a2af77f540753d2 (patch) | |
| tree | ab3db27bbb4e8f88b9abce1cdff53e73da93a9d0 | |
| parent | 57516c5153db6f67752e80c95b0b012bd2680a26 (diff) | |
oggstream: protect against out-of-bounds read
We need at least 17 bytes of data for a valid flac header
oss-fuzz #6974
| -rw-r--r-- | ext/ogg/gstoggstream.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/ext/ogg/gstoggstream.c b/ext/ogg/gstoggstream.c index 91f65ee9f..25b880fb0 100644 --- a/ext/ogg/gstoggstream.c +++ b/ext/ogg/gstoggstream.c @@ -1050,6 +1050,9 @@ static gboolean is_header_fLaC (GstOggStream * pad, ogg_packet * packet) { if (pad->n_header_packets_seen == 1) { + if (packet->bytes < 17) + return FALSE; + pad->granulerate_n = (packet->packet[14] << 12) | (packet->packet[15] << 4) | ((packet->packet[16] >> 4) & 0xf); } |