oysteikt/mpd
0
0
Fork 0
Code Issues Pull Requests Releases Activity

faad: added length check before comparing "ADIF"

Browse Source 
It's not valid to use the buffer's data without ensuring that the
buffer contains enough data.
This commit is contained in:
Max Kellermann 2009-02-17 19:27:36 +01:00
parent d75ce5c4a0
commit 8edd407918
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/decoder/faad_plugin.c
View File

@ -217,7 +217,7 @@ faad_song_duration(struct faad_buffer *b, float *length)
b->consumed = 0;
faad_buffer_fill(b);
} else if (memcmp(b->data, "ADIF", 4) == 0) {
} else if (b->length >= 5 && memcmp(b->data, "ADIF", 4) == 0) {
unsigned bit_rate;
size_t skip_size = (b->data[4] & 0x80) ? 9 : 0;