commit | 1d948ef7391c9e484658ba024d74433f4df37b3b | [log] [tgz] |
---|---|---|
author | Erik de Castro Lopo <erikd@mega-nerd.com> | Wed Nov 19 19:35:59 2014 -0800 |
committer | Robert Shih <robertshih@google.com> | Wed Aug 19 17:09:34 2015 -0700 |
tree | 2aa37fbce870ebf7141e537a2652c9f7a32ff1dc | |
parent | 214b9dfabe821b7653bfe8db424942575fbd6167 [diff] |
libFLAC/stream_decoder.c : Fail safely to avoid a heap overflow. A file provided by the reporters caused the stream decoder to write to un-allocated heap space resulting in a segfault. The solution is to error out (by returning false from read_residual_partitioned_rice_()) instead of trying to continue to decode. Fixes: CVE-2014-9028 Reported-by: Michele Spagnuolo, Google Security Team <mikispag@google.com> Bug: 23238405 Change-Id: I5c000e3d85d884a92208efebe53aa6edaef8829e