]> granicus.if.org Git - taglib/commit
projects / taglib / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d8d56d3) | patch
Fixed OOB read when loading invalid ogg flac file. (#868) (#869)
authorScott Gayou <github.scott@gmail.com>
Tue, 9 Oct 2018 23:46:55 +0000 (18:46 -0500)
committerStephen F. Booth <me@sbooth.org>
Tue, 9 Oct 2018 23:46:55 +0000 (18:46 -0500)
commit2c4ae870ec086f2ddd21a47861a3709c36faac45
tree12c82240b42cffb0c50b2fcfc1ad5ac5eb52d99atree | snapshot
parentd8d56d39372928d98534a331ac0d3b2d0a2b14c9commit | diff
Fixed OOB read when loading invalid ogg flac file. (#868) (#869)

CVE-2018-11439 is caused by a failure to check the minimum length
of a ogg flac header. This header is detailed in full at:
https://xiph.org/flac/ogg_mapping.html. Added more strict checking
for entire header.
taglib/ogg/flac/oggflacfile.cpp diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.