diff options
author | Andy Hung <hunga@google.com> | 2020-02-13 01:16:51 +0000 |
---|---|---|
committer | Gerrit Code Review <noreply-gerritcodereview@google.com> | 2020-02-13 01:16:51 +0000 |
commit | 33446315ab20da709355666b4f539a1791b5a97e (patch) | |
tree | 0a43214f465125675d3576042c737e74b9843256 | |
parent | b71b20865981d42204f666992aafcd1fee4713a5 (diff) | |
parent | 148d1206d1e79815f9c5595ca25728706ed79377 (diff) | |
download | flac-33446315ab20da709355666b4f539a1791b5a97e.tar.gz |
Merge "libFLAC/stream_decoder.c: fix integer overflow on corrupt file"
-rw-r--r-- | libFLAC/stream_decoder.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/libFLAC/stream_decoder.c b/libFLAC/stream_decoder.c index d364b0ce..071398ae 100644 --- a/libFLAC/stream_decoder.c +++ b/libFLAC/stream_decoder.c @@ -1632,6 +1632,8 @@ FLAC__bool read_metadata_streaminfo_(FLAC__StreamDecoder *decoder, FLAC__bool is /* skip the rest of the block */ FLAC__ASSERT(used_bits % 8 == 0); + if (length < (used_bits / 8)) + return false; /* read_callback_ sets the state for us */ length -= (used_bits / 8); if(!FLAC__bitreader_skip_byte_block_aligned_no_crc(decoder->private_->input, length)) return false; /* read_callback_ sets the state for us */ |