[xiph-commits] r14597 - trunk/vorbose/src
xiphmont at svn.xiph.org
xiphmont at svn.xiph.org
Tue Mar 18 08:02:04 PDT 2008
Author: xiphmont
Date: 2008-03-18 08:02:03 -0700 (Tue, 18 Mar 2008)
New Revision: 14597
Modified:
trunk/vorbose/src/codebook.c
trunk/vorbose/src/info.c
Log:
Add additional invalidity checks to vorbose to identify Vorbis
codebook attacks.
Modified: trunk/vorbose/src/codebook.c
===================================================================
--- trunk/vorbose/src/codebook.c 2008-03-18 13:01:52 UTC (rev 14596)
+++ trunk/vorbose/src/codebook.c 2008-03-18 15:02:03 UTC (rev 14597)
@@ -74,10 +74,15 @@
" Codebook is invalid.\n\n");
return -1; /* overpopulated tree! */
}
-
+
/* chase the tree as far as it's already populated, fill in past */
for(j=0;j<length-1;j++){
ogg_int16_t bit=(entry>>(length-j-1))&1;
+ if(chase*2+1 >= (b->used_entries-1)*2){
+ printf("WARN codebk: Malformed [underpopulated] Huffman tree.\n"
+ " Codebook is invalid.\n\n");
+ return -1;
+ }
if(chase>=top){
top++;
b->dec_table[chase*2]=top;
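Review bot: The new bound in the tree-chasing loop, `chase*2+1 >= (b->used_entries-1)*2`, is presumably the element count of `b->dec_table`, but nothing in the hunk says so, and the warning text describes an underpopulated tree rather than an index that would land outside the table. I would add a comment such as `/* dec_table holds (used_entries-1)*2 slots; refuse to index past it */` once that is confirmed against the allocation, which is outside the hunk, so the check stays in step if the table size ever changes. The loop body continues past the end of the hunk, so any later write that indexes `dec_table` by `chase` (for example a leaf write after the loop) should be checked for the same bound. It is also worth confirming how the right-hand side behaves when `used_entries` is 0 or 1, since it becomes zero or negative for a signed type and wraps for an unsigned one.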
@@ -251,6 +256,8 @@
goto err;
}
+ if(codebook_p)
+ printf(" Dims : %d\n",s->dim);
/* Do we have a mapping to unpack? */
ogg2pack_read(opb,4,&maptype);
Modified: trunk/vorbose/src/info.c
===================================================================
--- trunk/vorbose/src/info.c 2008-03-18 13:01:52 UTC (rev 14596)
+++ trunk/vorbose/src/info.c 2008-03-18 15:02:03 UTC (rev 14597)
@@ -315,12 +315,20 @@
{
unsigned long temp[6];
unsigned long packtype;
- int i;
+ int i,err;
- ogg2pack_read(opb,8,&packtype);
+ err=ogg2pack_read(opb,8,&packtype);
for(i=0;i<6;i++)
- ogg2pack_read(opb,8,temp+i);
+ err|=ogg2pack_read(opb,8,temp+i);
+ if(err && syncp){
+ if(headerinfo_p || warn_p)
+ printf("WARN header: EOP reading packet identification when\n"
+ " Expecting a Vorbis stream header. Stream not\n"
+ " decodable as Vorbis I.\n\n");
+ return(-1);
+ }
+
if(temp[0]!='v' ||
temp[1]!='o' ||
temp[2]!='r' ||
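Review bot: When a read fails but `syncp` is zero, the new `if(err && syncp)` guard is skipped and execution falls through to the `temp[0]!='v'` comparisons, where `temp` and `packtype` are uninitialised locals that `ogg2pack_read` may not have written on end-of-packet (its behaviour on failure is not visible here). Initialising them, `unsigned long temp[6]={0};` and `unsigned long packtype=0;`, makes the fall-through compare known values and fail the magic check deterministically. Alternatively, return -1 on any `err` and keep only the printf conditional on `syncp`, if that matches what callers expect. The function starts and ends outside the hunk.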