Commit 8060b345 authored by Jean-Baptiste Kempf's avatar Jean-Baptiste Kempf

Fix for [oCERT-2008-004] multiple speex implementations insufficient boundary...

Fix for [oCERT-2008-004] multiple speex implementations insufficient boundary checks. Patch by Eren Türkay
parent 0f79e202
...@@ -78,6 +78,7 @@ Dylan Yudaken <dyudaken -- gmail # com> - hotkeys patch ...@@ -78,6 +78,7 @@ Dylan Yudaken <dyudaken -- gmail # com> - hotkeys patch
Emmanuel Blindauer <manu at agat.net> - aRts audio output Emmanuel Blindauer <manu at agat.net> - aRts audio output
Enrico Gueli <e_gueli at yahoo.it> - Brightness threshold in adjust video filter Enrico Gueli <e_gueli at yahoo.it> - Brightness threshold in adjust video filter
Enrique Osuna <enrique.osuna at gmail.com> - Various bug fixes in libvlc. Major Mac OS X Framework improvements. Enrique Osuna <enrique.osuna at gmail.com> - Various bug fixes in libvlc. Major Mac OS X Framework improvements.
Eren Türkay <turkay dot eren \a/ gmail point com> - Speex boundary checks and security fix
Espen Skoglund <esk at ira.uka.de> - FreeBSD autoconf and Makefile patches Espen Skoglund <esk at ira.uka.de> - FreeBSD autoconf and Makefile patches
Ethan C. Baldridge <BaldridgeE at cadmus.com> - directory browsing code Ethan C. Baldridge <BaldridgeE at cadmus.com> - directory browsing code
Eurodata Computer Club <retron.info> - VLC icon design (v0.8.4) Eurodata Computer Club <retron.info> - VLC icon design (v0.8.4)
......
...@@ -357,7 +357,7 @@ static int ProcessInitialHeader( decoder_t *p_dec, ogg_packet *p_oggpacket ) ...@@ -357,7 +357,7 @@ static int ProcessInitialHeader( decoder_t *p_dec, ogg_packet *p_oggpacket )
msg_Err( p_dec, "cannot read Speex header" ); msg_Err( p_dec, "cannot read Speex header" );
return VLC_EGENERIC; return VLC_EGENERIC;
} }
if( p_header->mode >= SPEEX_NB_MODES ) if( p_header->mode >= SPEEX_NB_MODES || p_header->mode < 0 )
{ {
msg_Err( p_dec, "mode number %d does not (yet/any longer) exist in " msg_Err( p_dec, "mode number %d does not (yet/any longer) exist in "
"this version of libspeex.", p_header->mode ); "this version of libspeex.", p_header->mode );
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment