File: CVE-2016-2399.patch

package info (click to toggle)
libquicktime 2%3A1.2.4-12
  • links: PTS, VCS
  • area: main
  • in suites: bullseye, buster
  • size: 6,336 kB
  • sloc: ansic: 55,311; sh: 10,976; makefile: 457; sed: 16
file content (22 lines) | stat: -rw-r--r-- 682 bytes parent folder | download | duplicates (4)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
diff --git a/src/util.c b/src/util.c
index d8dc3c3..9422fc5 100644
--- a/src/util.c
+++ b/src/util.c
@@ -340,9 +340,14 @@ int64_t quicktime_byte_position(quicktime_t *file)
 
 void quicktime_read_pascal(quicktime_t *file, char *data)
 {
-	char len = quicktime_read_char(file);
-	quicktime_read_data(file, (uint8_t*)data, len);
-	data[(int)len] = 0;
+	int len = quicktime_read_char(file);
+	if ((len > 0) && (len < 256)) {
+          /* data[] is expected to be 256 bytes long */
+          quicktime_read_data(file, (uint8_t*)data, len);
+          data[len] = 0;
+        } else {
+          data[0] = 0;
+        }
 }
 
 void quicktime_write_pascal(quicktime_t *file, char *data)