Bugzilla – Attachment 27617 Details for Bug 64775
VUL-0: CVE-2004-0991: mpg123 buffer overflow
[patch] patch from Daniel Kobras
diff (text/plain), 2.09 KB, created by Ludwig Nussel on 2005-01-13 20:13:21 UTC
>--------------------- >PatchSet 202 >Date: 2005/01/01 19:21:47 >Author: kobras >Branch: HEAD >Tag: (none) >Log: >Fix insufficient validation of MPEG header values. [dk] > >Members: > common.c:1.4->1.5 > layer2.c:1.2->1.3 > debian/changelog:1.35->1.36 > > >Index: debian/mpg123/common.c >--- debian/mpg123/common.c 2003/01/29 19:22:48 1.4 >+++ debian/mpg123/common.c 2005/01/01 19:21:47 1.5 >@@ -343,9 +343,12 @@ > fr->mpeg25 = 1; > } > >- if (!param.tryresync || !oldhead) { >- /* If "tryresync" is true, assume that certain >- parameters do not change within the stream! */ >+ if (!param.tryresync || !oldhead || >+ (((oldhead>>19)&0x3) ^ ((newhead>>19)&0x3))) { >+ /* If "tryresync" is false, assume that certain >+ parameters do not change within the stream! >+ Force an update if lsf or mpeg25 settings >+ have changed. */ > fr->lay = 4-((newhead>>17)&3); > if( ((newhead>>10)&0x3) == 0x3) { > fprintf(stderr,"Stream error\n"); >Index: debian/mpg123/layer2.c >diff -u debian/mpg123/layer2.c:1.2 debian/mpg123/layer2.c:1.3 >--- debian/mpg123/layer2.c:1.2 Tue Sep 7 14:32:13 2004 >+++ debian/mpg123/layer2.c Sat Jan 1 20:21:47 2005 >@@ -240,7 +240,7 @@ > { alloc_0, alloc_1, alloc_2, alloc_3 , alloc_4 }; > static int sblims[5] = { 27 , 30 , 8, 12 , 30 }; > >- if(fr->lsf) >+ if(fr->sampling_frequency >= 3) /* Or equivalent: (fr->lsf == 1) */ > table = 4; > else > table = translate[fr->sampling_frequency][2-fr->stereo][fr->bitrate_index]; >Index: debian/mpg123/debian/changelog >diff -u debian/mpg123/debian/changelog:1.35 debian/mpg123/debian/changelog:1.36 >--- debian/mpg123/debian/changelog:1.35 Wed Oct 27 00:17:08 2004 >+++ debian/mpg123/debian/changelog Sat Jan 1 20:21:47 2005 
>@@ -1,3 +1,10 @@ >+mpg123 (0.59r-18) unstable; urgency=high >+ >+ * common.c, layer2.c: Fix insufficient validation of MPEG header >+ values, discovered by Yuri D'Elia (CAN-2004-0991). >+ >+ -- Daniel Kobras <kobras@debian.org> Sat, 1 Jan 2005 20:18:25 +0100 >+ > mpg123 (0.59r-17) unstable; urgency=high > > * httpget.c: Fix heap overflow in http authentication handler
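Review bot: in the common.c hunk, the added term `((oldhead>>19)&0x3) ^ ((newhead>>19)&0x3)` forces the update only when the two version bits differ, so with tryresync set and an oldhead present, a header that changes only bits 17-18 or bits 10-11 still skips the block, including the `((newhead>>10)&0x3) == 0x3` "Stream error" check visible in the context lines. Consider comparing those fields as well, or moving the range checks out of the conditional so that every accepted header passes them. The reworded comment also reads inverted: the block is entered when tryresync is false, so the "assume that certain parameters do not change" case is the one where tryresync is true and the block is skipped.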
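Review bot: in the layer2.c hunk, `fr->sampling_frequency >= 3` bounds only the first index of `translate` from above; `2-fr->stereo` and `fr->bitrate_index` still reach the lookup unchecked in these lines, and a negative `sampling_frequency` would pass the new test if the field is signed. Suggest validating all three indices against the table dimensions before the lookup, or documenting here where the header parser guarantees their ranges. The comment `Or equivalent: (fr->lsf == 1)` is also worth rewording: the old test was `if(fr->lsf)` and this change replaces it, so the two conditions are evidently not interchangeable for the headers this fix targets.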
Attachments on bug 64775: 27590 | 27617