From 16d24d778d4c96158658c12b66c1d99020b77154 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Diego=20=27Flameeyes=27=20Petten=C3=B2?=
 <flameeyes@gmail.com>
Date: Sat, 10 Mar 2007 00:41:34 +0000
Subject:   * Security fixes:     - Fix heap overflow in DMO loader.
 (CVE-2007-1246) [bug #1676925]       Thanks to Kees Cook for reporting.

CVS patchset: 8656
CVS date: 2007/03/10 00:41:34
---
 src/libw32dll/DirectShow/DS_VideoDecoder.c | 1 +
 1 file changed, 1 insertion(+)

(limited to 'src/libw32dll/DirectShow/DS_VideoDecoder.c')

diff --git a/src/libw32dll/DirectShow/DS_VideoDecoder.c b/src/libw32dll/DirectShow/DS_VideoDecoder.c
index e34659f91..44c6d26d7 100644
--- a/src/libw32dll/DirectShow/DS_VideoDecoder.c
+++ b/src/libw32dll/DirectShow/DS_VideoDecoder.c
@@ -110,6 +110,7 @@ DS_VideoDecoder * DS_VideoDecoder_Open(char* dllname, GUID* guid, BITMAPINFOHEAD
      
         this->iv.m_bh = (BITMAPINFOHEADER*)malloc(bihs);
         memcpy(this->iv.m_bh, format, bihs);
+        this->iv.m_bh->biSize = bihs;
 
         this->iv.m_State = STOP;
         //this->iv.m_pFrame = 0;
-- 
cgit v1.2.3