diff options
| author | Darren Salt <linux@youmustbejoking.demon.co.uk> | 2008-02-20 23:19:15 +0000 |
|---|---|---|
| committer | Darren Salt <linux@youmustbejoking.demon.co.uk> | 2008-02-20 23:19:15 +0000 |
| commit | a2f6c4214b7f7efecd0bfddcedfdf9a413d842f8 (patch) | |
| tree | f702a0fa0ee6087e33ac64599be6bb35c34ecc90 | |
| parent | 37f99fa644f5dab533053755ccac55ea7daf5c22 (diff) | |
| download | xine-lib-a2f6c4214b7f7efecd0bfddcedfdf9a413d842f8.tar.gz xine-lib-a2f6c4214b7f7efecd0bfddcedfdf9a413d842f8.tar.bz2 | |
Off-by-one in the FLAC security fix, breaking playback of some files.
| -rw-r--r-- | ChangeLog | 2 | ||||
| -rw-r--r-- | src/demuxers/demux_flac.c | 2 |
2 files changed, 3 insertions, 1 deletions
@@ -8,6 +8,8 @@ xine-lib (1.1.11) unreleased * Made the version parsing much more reliable; it wasn't properly coping with four-part version numbers. This affects any program whose build scripts use xine-lib's automake macros. + * Fixed an off-by-one in the FLAC security fix patch. This breakage was + causing failure to play some files. xine-lib (1.1.10.1) 2008-02-07 * Security fixes: diff --git a/src/demuxers/demux_flac.c b/src/demuxers/demux_flac.c index e5d1297a2..f6544bb67 100644 --- a/src/demuxers/demux_flac.c +++ b/src/demuxers/demux_flac.c @@ -202,7 +202,7 @@ static int open_flac_file(demux_flac_t *flac) { length = _X_LE_32(ptr); ptr += 4 + length; - if (length >= block_length - 8) + if (length > block_length - 8) return 0; /* bad length or too little left in the buffer */ user_comment_list_length = _X_LE_32(ptr); |