785ec1fe86
- buffer overflow in stream_cddb.c - buffer overflow in url.c - buffer overflow in demux_mov.c - stack overflow in demux_audio.c from brad@, ok maintainer also remove reference to rtunes_ao.diff from distinfo. this patch is not used now because it does not apply.
13 lines
475 B
Plaintext
13 lines
475 B
Plaintext
$OpenBSD: patch-libmpdemux_demux_audio_c,v 1.1 2008/02/11 00:22:03 jakemsr Exp $
|
|
--- libmpdemux/demux_audio.c.orig Fri Feb 8 13:28:43 2008
|
|
+++ libmpdemux/demux_audio.c Fri Feb 8 13:29:10 2008
|
|
@@ -229,6 +229,8 @@ get_flac_metadata (demuxer_t* demuxer)
|
|
ptr += 4;
|
|
|
|
comment = ptr;
|
|
+ if (&comment[length] < comments || &comment[length] >= &comments[blk_len])
|
|
+ return;
|
|
c = comment[length];
|
|
comment[length] = 0;
|
|
|