Enforce numSamples to be lesser than max frame length on decode, security issue
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
parent
70b76cc688
commit
68745685f4
SSH key fingerprint:
SHA256:OLTRf6Fl87G52SiR7sWLGNzlJt4WOX+tfI2yxo0z7xk
|
|
@ -251,6 +251,8 @@ int32_t ALACDecoder::Decode( BitBuffer * bits, uint8_t * sampleBuffer, uint32_t
|
|||
{
|
||||
numSamples = BitBufferRead( bits, 16 ) << 16;
|
||||
numSamples |= BitBufferRead( bits, 16 );
|
||||
|
||||
RequireAction( numSamples <= mConfig.frameLength, status = kALAC_ParamError; goto Exit; );
|
||||
}
|
||||
|
||||
if ( escapeFlag == 0 )
|
||||
|
|
@ -402,6 +404,8 @@ int32_t ALACDecoder::Decode( BitBuffer * bits, uint8_t * sampleBuffer, uint32_t
|
|||
{
|
||||
numSamples = BitBufferRead( bits, 16 ) << 16;
|
||||
numSamples |= BitBufferRead( bits, 16 );
|
||||
|
||||
RequireAction( numSamples <= mConfig.frameLength, status = kALAC_ParamError; goto Exit; );
|
||||
}
|
||||
|
||||
if ( escapeFlag == 0 )
|
||||
|
|
|
|||
Loading…
Reference in a new issue