1 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855099
2 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2399
3
4 diff --git a/src/util.c b/src/util.c
5 index d8dc3c3..9422fc5 100644
6 --- a/src/util.c
7 +++ b/src/util.c
8 @@ -340,9 +340,14 @@ int64_t quicktime_byte_position(quicktime_t *file)
9
10 void quicktime_read_pascal(quicktime_t *file, char *data)
11 {
12 - char len = quicktime_read_char(file);
13 - quicktime_read_data(file, (uint8_t*)data, len);
14 - data[(int)len] = 0;
15 + int len = quicktime_read_char(file);
16 + if ((len > 0) && (len < 256)) {
17 + /* data[] is expected to be 256 bytes long */
18 + quicktime_read_data(file, (uint8_t*)data, len);
19 + data[len] = 0;
20 + } else {
21 + data[0] = 0;
22 + }
23 }
24
25 void quicktime_write_pascal(quicktime_t *file, char *data)
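Review bot: The new `int len = quicktime_read_char(file);` in quicktime_read_pascal still inherits the sign of the reader's return value. The old code held it in a `char`, so if quicktime_read_char() returns plain `char` (its prototype is not in this hunk), a length byte of 0x80–0xFF arrives negative on signed-char targets and takes the `else` branch: the string comes back empty and its bytes are not consumed from the file, while unsigned-char targets read it in full. Converting explicitly, `int len = (unsigned char)quicktime_read_char(file);`, gives a 0–255 range on every platform. The 256-byte size of `data` is stated only in a comment, and `data[255]` is written for a maximum-length string, so each caller's buffer needs to be checked against it. The result of quicktime_read_data() is not tested either, so a truncated file would, as far as the hunk shows, leave the bytes before the terminator unset.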