libaacs | branch: master | npzacs <npz...@gmail.com> | Tue Apr 28 13:11:05 2015 
+0300| [bdd3f429daa92c070357ea9638517b390230f647] | committer: npzacs

Limit file read size

> http://git.videolan.org/gitweb.cgi/libaacs.git/?a=commit;h=bdd3f429daa92c070357ea9638517b390230f647
---

 src/file/file_posix.c |    6 ++++++
 src/util/macro.h      |    2 ++
 2 files changed, 8 insertions(+)

diff --git a/src/file/file_posix.c b/src/file/file_posix.c
index 3b28064..6b5a0cd 100644
--- a/src/file/file_posix.c
+++ b/src/file/file_posix.c
@@ -31,6 +31,7 @@
 #include "util/logging.h"
 
 #include <stdio.h>
+#include <inttypes.h>
 #include <stdlib.h>
 
 static void file_close_linux(AACS_FILE_H *file)
@@ -64,6 +65,11 @@ static int64_t file_tell_linux(AACS_FILE_H *file)
 
 static int64_t file_read_linux(AACS_FILE_H *file, uint8_t *buf, int64_t size)
 {
+    if (size <= 0 || size >= BD_MAX_SSIZE) {
+        BD_DEBUG(DBG_FILE | DBG_CRIT, "Ignoring invalid read of size %"PRId64" 
(%p)\n", size, (void*)file);
+        return 0;
+    }
+
     return fread(buf, 1, size, (FILE *)file->internal);
 }
 
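Review bot: The rejected-size branch in file_read_linux returns 0, which a caller cannot tell apart from end-of-file, and the upper bound only guards the int64_t to size_t narrowing at the fread() call. Because `BD_MAX_SSIZE` is derived from `size_t`, on a 64-bit target the test reduces to `size >= INT64_MAX`, so it does not limit a read against the capacity of `buf`; that remains the caller's job and is worth stating. I would add above the check `/* reject sizes that would be sign-converted or truncated when passed to fread() as size_t; buf capacity is the caller's responsibility */`. If the AACS_FILE_H read contract permits a negative return for errors (not visible in this hunk), `return -1;` would let callers distinguish a refused request from EOF.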
diff --git a/src/util/macro.h b/src/util/macro.h
index 3ff813d..bb17d90 100644
--- a/src/util/macro.h
+++ b/src/util/macro.h
@@ -30,4 +30,6 @@
 
 #define X_FREE(X)     ( free(X), X = NULL )
 
+#define BD_MAX_SSIZE ((int64_t)(((size_t)-1)>>1))
+
 #endif /* MACRO_H_ */
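Review bot: `BD_MAX_SSIZE` is added without a comment and uses `int64_t` and `size_t`, but no include is visible in this hunk of macro.h, so the header appears to depend on its includers for those types. A one-line comment such as `/* largest positive value of a signed integer as wide as size_t */` would explain the shift-and-cast. Including `<stdint.h>` and `<stddef.h>` in macro.h, if they are not already pulled in above the hunk, would make the header self-contained.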
