From f3e691cf556bd4ad1338f222ffcf5eaecafd6a24 Mon Sep 17 00:00:00 2001
From: Darren Salt <linux@youmustbejoking.demon.co.uk>
Date: Fri, 11 Jan 2008 13:49:08 +0000
Subject: Fix a buffer overflow in the RTSP header-handling code.
 CVE-2008-0225; ported from mplayer changeset 22821.

---
 src/input/libreal/rmff.h | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'src/input/libreal/rmff.h')

diff --git a/src/input/libreal/rmff.h b/src/input/libreal/rmff.h
index d39942088..5288fc558 100644
--- a/src/input/libreal/rmff.h
+++ b/src/input/libreal/rmff.h
@@ -39,6 +39,12 @@
 
 #define RMFF_HEADER_SIZE 0x12
 
+#define RMFF_FILEHEADER_SIZE 18
+#define RMFF_PROPHEADER_SIZE 50
+#define RMFF_MDPRHEADER_SIZE 46
+#define RMFF_CONTHEADER_SIZE 18
+#define RMFF_DATAHEADER_SIZE 18
+
 #define FOURCC_TAG( ch0, ch1, ch2, ch3 ) \
         (((long)(unsigned char)(ch3)       ) | \
         ( (long)(unsigned char)(ch2) << 8  ) | \
-- 
cgit v1.2.3