[oggvideotools] 02/02: Added mayhem-crash-oggjoin.patch to fix crash bug on corrupt input (Closes: #716188). Thanks to Alexandre Rebert and the Meyhem project for discovering the problem.

Petter Reinholdtsen pere at moszumanska.debian.org
Wed Oct 22 07:42:05 UTC 2014 

This is an automated email from the git hooks/post-receive script.

pere pushed a commit to branch master
in repository oggvideotools.

commit 4ccd1cde45bcf15d15add4b9ab9c7ffd88336a6f
Author: Petter Reinholdtsen <pere at hungry.com>
Date:   Wed Oct 22 09:41:12 2014 +0200

    Added mayhem-crash-oggjoin.patch to fix crash bug on corrupt input (Closes: #716188).
    Thanks to Alexandre Rebert and the Meyhem project for discovering the problem.
---
 debian/patches/mayhem-crash-oggjoin.patch | 29 +++++++++++++++++++++++++++++
 debian/patches/series                     |  1 +
 2 files changed, 30 insertions(+)

diff --git a/debian/patches/mayhem-crash-oggjoin.patch b/debian/patches/mayhem-crash-oggjoin.patch
new file mode 100644
index 0000000..4c602f4
--- /dev/null
+++ b/debian/patches/mayhem-crash-oggjoin.patch
@@ -0,0 +1,29 @@
+Description: Avoid crashing in oggjoin on bogus input
+Author: Petter Reinholdtsen <pere at hungry.com>
+Bug-Debian: http://bugs.debian.org/716188
+Forwarded: no
+Reviewed-By: Petter Reinholdtsen <pere at hungry.com>
+Last-Update: 2014-10-22
+
+--- oggvideotools-0.8a.orig/src/oggBOSExtractorFactory.cpp
++++ oggvideotools-0.8a/src/oggBOSExtractorFactory.cpp
+@@ -116,6 +116,9 @@ OggType OggBOSExtractorFactory::getStrea
+ {
+   uint8* type = page.obj()->data+page.obj()->headerLength;
+ 
++  if (NULL == OggTypeMap || NULL == type)
++    return (ogg_unknown);
++
+   uint8 i=1;
+   for (; i< ogg_maxOggType; ++i) {
+     if (memcmp(type, OggTypeMap[i], MAXIDCHARS) == 0)
+@@ -131,6 +134,9 @@ OggType OggBOSExtractorFactory::getStrea
+ {
+   uint8* type = packet.data();
+ 
++  if (NULL == OggTypeMap || NULL == type)
++    return (ogg_unknown);
++
+   uint8 i=1;
+   for (; i< ogg_maxOggType; ++i) {
+     if (memcmp(type, OggTypeMap[i], MAXIDCHARS) == 0)
diff --git a/debian/patches/series b/debian/patches/series
index cd97580..03fd683 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1 +1,2 @@
 version-0.8a-1.patch
+mayhem-crash-oggjoin.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-xiph/oggvideotools.git

More information about the pkg-xiph-commits mailing list