[xiph-commits] r14701 - trunk/speex/libspeex
jm at svn.xiph.org
jm at svn.xiph.org
Thu Apr 10 20:48:46 PDT 2008
Author: jm
Date: 2008-04-10 20:48:46 -0700 (Thu, 10 Apr 2008)
New Revision: 14701
Modified:
trunk/speex/libspeex/speex_header.c
Log:
Patch by kfish that checks for headers with invalid mode numbers. Technically,
it should have been the application's responsability, but many didn't, so
we ended up with security issues. Considering that there's no real use for
modes that Speex doesn't know about, this should workaround a lot of problems.
Modified: trunk/speex/libspeex/speex_header.c
===================================================================
--- trunk/speex/libspeex/speex_header.c 2008-04-11 03:48:31 UTC (rev 14700)
+++ trunk/speex/libspeex/speex_header.c 2008-04-11 03:48:46 UTC (rev 14701)
@@ -178,6 +178,13 @@
ENDIAN_SWITCH(le_header->frames_per_packet);
ENDIAN_SWITCH(le_header->extra_headers);
+ if (le_header->mode >= SPEEX_NB_MODES || le_header->mode < 0)
+ {
+ speex_notify("Invalid mode specified in Speex header");
+ speex_free (le_header);
+ return NULL;
+ }
+
if (le_header->nb_channels>2)
le_header->nb_channels = 2;
if (le_header->nb_channels<1)
More information about the commits
mailing list