Commit | Line | Data |
---|---|---|
109f5844 KK |
1 | This patch was downloaded from https://sourceforge.net/p/mpg321/bugs/51/ and |
2 | fixes CVE-2019-14247. | |
3 | ||
4 | Description: Handle illegal bitrate value | |
5 | Author: Chrysostomos Nanakos <cnanakos@debian.org> | |
6 | Bug-Debian: https://bugs.debian.org/870406 | |
7 | Bug-Debian: https://bugs.debian.org/887057 | |
8 | ||
9 | --- mpg321-0.3.2.orig/mad.c | |
10 | +++ mpg321-0.3.2/mad.c | |
11 | @@ -574,6 +574,12 @@ void scan(void const *ptr, ssize_t len, | |
12 | ||
13 | if (!is_vbr) | |
14 | { | |
15 | + if (header.bitrate <= 0) | |
16 | + { | |
17 | + fprintf(stderr, "Illegal bit allocation value\n"); | |
18 | + return; | |
19 | + } | |
20 | + | |
21 | double time = (len * 8.0) / (header.bitrate); /* time in seconds */ | |
22 | double timefrac = (double)time - ((long)(time)); | |
23 | long nsamples = 32 * MAD_NSBSAMPLES(&header); /* samples per frame */ |
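Review bot: The early `return;` in the new `header.bitrate <= 0` guard leaves scan() silently, and because the function is `void` the caller cannot tell that no duration was computed. scan()'s body starts and ends outside the hunk, so it is worth confirming that the caller copes with an unset track length and that no stream or header teardown later in the function is skipped on this path. The message `"Illegal bit allocation value\n"` also names the wrong field, since the patch description speaks of the bitrate; `fprintf(stderr, "Illegal bitrate value\n");` would be easier to match to a malformed input during triage. A short comment on the guard, such as `/* non-positive bitrate: the division below yields a non-finite time and the cast to long is undefined */`, would record why the check must sit before the arithmetic.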