Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / flac / fcf0ba06ae12ccd7c67cee3c8d948df15f946b85
commitfcf0ba06ae12ccd7c67cee3c8d948df15f946b85[log] [tgz]
authorErik de Castro Lopo <erikd@mega-nerd.com>Wed Nov 19 19:35:59 2014 -0800
committerErik de Castro Lopo <erikd@mega-nerd.com>Tue Nov 25 13:03:55 2014 +1100
tree86599c12e2ee8b50fe5b3ab98ea1d12329180e05
parent288edbb3a16b3b857508e2f70d0fb43091f2858f [diff]
src/libFACL/stream_decoder.c : Fail safely to avoid a heap overflow.

A file provided by the reporters caused the stream decoder to write to
un-allocated heap space resulting in a segfault. The solution is to
error out (by returning false from read_residual_partitioned_rice_())
instead of trying to continue to decode.

Fixes: CVE-2014-9028
Reported-by: Michele Spagnuolo,
             Google Security Team <mikispag@google.com>
1 file changed
tree: 86599c12e2ee8b50fe5b3ab98ea1d12329180e05
  1. build/
  2. doc/
  3. examples/
  4. include/
  5. m4/
  6. man/
  7. objs/
  8. src/
  9. test/
  10. .gitignore
  11. AUTHORS
  12. autogen.sh
  13. configure.ac
  14. COPYING.FDL
  15. COPYING.GPL
  16. COPYING.LGPL
  17. COPYING.Xiph
  18. FLAC-vs2005.sln
  19. FLAC.sln
  20. Makefile.am
  21. Makefile.deps
  22. Makefile.lite
  23. README
  24. strip_non_asm_libtool_args.sh