libaacs | branch: master | npzacs <npz...@gmail.com> | Thu Jul 6 22:49:16 2017 +0300| [883d3c07b156dab21f90a00d7ae7ca5b40ef9564] | committer: npzacs
Fix possible OOB read > http://git.videolan.org/gitweb.cgi/libaacs.git/?a=commit;h=883d3c07b156dab21f90a00d7ae7ca5b40ef9564 --- src/libaacs/aacs.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/libaacs/aacs.c b/src/libaacs/aacs.c index 82a1a32..6302868 100644 --- a/src/libaacs/aacs.c +++ b/src/libaacs/aacs.c @@ -1437,6 +1437,11 @@ static AACS_RL_ENTRY *_get_rl(const char *type, int *num_records, int *mkbv) *mkbv = version; *num_records = MKINT_BE32((uint8_t*)data + 20); memmove(data, (uint8_t*)data + 24, len - 24); + len -= 24; + + if ((int)(len/8) < *num_records) { + *num_records = len/8; + } int ii; AACS_RL_ENTRY *rl = data; _______________________________________________ libaacs-devel mailing list libaacs-devel@videolan.org https://mailman.videolan.org/listinfo/libaacs-devel
