Petri Hintukainen pushed to branch master at VideoLAN / libaacs
Commits:
32105a52 by Petri Hintukainen at 2021-04-23T15:58:07+03:00
mkb_data_size(): Check for truncated data
- - - - -
320dddd3 by Petri Hintukainen at 2021-04-23T18:50:51+03:00
MKB: ignore truncated records
- - - - -
1 changed file:
- src/libaacs/mkb.c
Changes:
=====================================
src/libaacs/mkb.c
=====================================
@@ -49,6 +49,12 @@ static const uint8_t *_record(MKB *mkb, uint8_t type, size_t
*rec_len)
BD_DEBUG(DBG_MKB, "Retrieved MKB record 0x%02x (%p)\n", type,
(void*)(mkb->buf + pos));
+ if (len > mkb->size - pos) {
+ BD_DEBUG(DBG_MKB | DBG_CRIT, "Ignoring truncated MKB record
0x%02x @ %zu, size %zu (%p)\n", type, pos, len,
+ (void*)(mkb->buf + pos));
+ return NULL;
+ }
+
return mkb->buf + pos;
}
@@ -107,6 +113,12 @@ size_t mkb_data_size(MKB *mkb)
pos += MKINT_BE24(mkb->buf + pos + 1);
}
+ if (pos > mkb->size) {
+ BD_DEBUG(DBG_MKB | DBG_CRIT, "mkb_data_size(): invalid or truncated
MKB\n");
+ return mkb->size;
+ }
+
+ BD_DEBUG(DBG_MKB, "MKB data size %zu bytes\n", pos);
return pos;
}
View it on GitLab:
https://code.videolan.org/videolan/libaacs/-/compare/b84831e911ec8318d7d80584b0ef60b642ab0ff8...320dddd3637bb4743f9141c2199cf564e59835ec
--
View it on GitLab:
https://code.videolan.org/videolan/libaacs/-/compare/b84831e911ec8318d7d80584b0ef60b642ab0ff8...320dddd3637bb4743f9141c2199cf564e59835ec
You're receiving this email because of your account on code.videolan.org.
_______________________________________________
libaacs-devel mailing list
libaacs-devel@videolan.org
https://mailman.videolan.org/listinfo/libaacs-devel
