[xiph-commits] r16181 - trunk/vorbis/lib
xiphmont at svn.xiph.org
xiphmont at svn.xiph.org
Wed Jun 24 20:39:42 PDT 2009
Author: xiphmont
Date: 2009-06-24 20:39:41 -0700 (Wed, 24 Jun 2009)
New Revision: 16181
Modified:
trunk/vorbis/lib/res0.c
Log:
First half of fix for Mozilla BZ #500254
Residue code was not checking that its partition books were books with
specified/populated value mappings. Fuzzer twiddled the book table suck that a valid codebook was being swapped out for a codebook with no value mapping.
Modified: trunk/vorbis/lib/res0.c
===================================================================
--- trunk/vorbis/lib/res0.c 2009-06-23 21:21:39 UTC (rev 16180)
+++ trunk/vorbis/lib/res0.c 2009-06-25 03:39:41 UTC (rev 16181)
@@ -220,8 +220,10 @@
info->booklist[j]=oggpack_read(opb,8);
if(info->groupbook>=ci->books)goto errout;
- for(j=0;j<acc;j++)
+ for(j=0;j<acc;j++){
if(info->booklist[j]>=ci->books)goto errout;
+ if(ci->book_param[info->booklist[j]]->maptype==0)goto errout;
+ }
/* verify the phrasebook is not specifying an impossible or
inconsistent partitioning scheme. */
More information about the commits
mailing list