Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / flac / 5a365996d739bdf4711af51d9c2c71c8a5e14660
commit5a365996d739bdf4711af51d9c2c71c8a5e14660[log] [tgz]
authorErik de Castro Lopo <erikd@mega-nerd.com>Thu Nov 27 11:55:11 2014 +1100
committerErik de Castro Lopo <erikd@mega-nerd.com>Thu Nov 27 13:40:37 2014 +1100
treeac3b63dd49f4add337e16e9e5536512d74805cf2
parent71b5c028708349e1d698498c54b842a5741dae0f [diff]
src/libFLAC/stream_decoder.c : Fail safely to avoid a heap overflow.

This fix is closely related to the fix for CVE-2014-9028. When that
fix went public Miroslav Lichvar noticed a similar potential problem
spot in the same function and was able to craft a file to trigger a
heap write overflow.

Reported-by : Miroslav Lichvar <mlichvar@redhat.com>
1 file changed
tree: ac3b63dd49f4add337e16e9e5536512d74805cf2
  1. build/
  2. doc/
  3. examples/
  4. include/
  5. m4/
  6. man/
  7. objs/
  8. Scripts/
  9. src/
  10. test/
  11. .gitignore
  12. AUTHORS
  13. autogen.sh
  14. configure.ac
  15. COPYING.FDL
  16. COPYING.GPL
  17. COPYING.LGPL
  18. COPYING.Xiph
  19. FLAC-vs2005.sln
  20. FLAC.sln
  21. Makefile.am
  22. Makefile.deps
  23. Makefile.lite
  24. README
  25. strip_non_asm_libtool_args.sh