[FFmpeg-devel] FLAC crash on invalid data

[Justin Ruggles]

Uoti Urpala wrote:
> metadata_parse() does
>             metadata_size = get_bits_long(&s->gb, 24);
> then
>                     for (i=0; i<metadata_size; i++)
>                         skip_bits(&s->gb, 8);
> with no sanity checks against read buffer size.

Patch attached. Simpler than the last patch I submitted to fix the same 
issue.

-Justin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ffmpeg-flac-meta.diff
Type: text/x-patch
Size: 813 bytes
Desc: not available
URL: <http://lists.mplayerhq.hu/pipermail/ffmpeg-devel/attachments/20071004/ccff4f05/attachment.bin>