Displaying 7 results from an estimated 7 matches for "send_error_to_client_".
2014 Dec 15
1
[PATCH] src/libFLAC/stream_decoder.c : Rework fix for seeking bug.
...ONED_RICE2:
if(!FLAC__bitreader_read_raw_uint32(decoder->private_->input, &u32, FLAC__ENTROPY_CODING_METHOD_PARTITIONED_RICE_ORDER_LEN))
return false; /* read_callback_ sets the state for us */
+ if(decoder->private_->frame.header.blocksize >> u32 < order) {
+ send_error_to_client_(decoder, FLAC__STREAM_DECODER_ERROR_STATUS_LOST_SYNC);
+ decoder->protected_->state = FLAC__STREAM_DECODER_SEARCH_FOR_FRAME_SYNC;
+ return true;
+ }
subframe->entropy_coding_method.data.partitioned_rice.order = u32;
subframe->entropy_coding_method.data.partitioned_rice.c...
2014 Nov 25
9
Two new CVEs against FLAC
Hi all,
Google Security Team member, Michele Spagnuolo, recently found two potential
problems in the FLAC code base. They are :
CVE-2014-9028 : Heap buffer write overflow
CVE-2014-8962 : Heap buffer read overflow
For Linux distributions, the specific fixes for these two CVEs are available
from Git here:
2014 Nov 25
1
Two new CVEs against FLAC
...underflow.
>
> --- a/src/libFLAC/stream_decoder.c
> +++ b/src/libFLAC/stream_decoder.c
> @@ -2744,7 +2744,7 @@ FLAC__bool read_residual_partitioned_rice_(FLAC__StreamDecoder *decoder, unsigne
> if(partition_samples < predictor_order) {
> send_error_to_client_(decoder, FLAC__STREAM_DECODER_ERROR_STATUS_LOST_SYNC);
> decoder->protected_->state = FLAC__STREAM_DECODER_SEARCH_FOR_FRAME_SYNC;
> - return true;
> + return false;
> }
> }
>
> Th...
2014 Dec 09
5
Two new CVEs against FLAC
...nderflow.
>
> --- a/src/libFLAC/stream_decoder.c
> +++ b/src/libFLAC/stream_decoder.c
> @@ -2744,7 +2744,7 @@ FLAC__bool read_residual_partitioned_rice_(FLAC__StreamDecoder *decoder, unsigne
> if(partition_samples < predictor_order) {
> send_error_to_client_(decoder, FLAC__STREAM_DECODER_ERROR_STATUS_LOST_SYNC);
> decoder->protected_->state = FLAC__STREAM_DECODER_SEARCH_FOR_FRAME_SYNC;
> - return true;
> + return false;
> }
> }
>
>...
2014 Nov 25
0
Two new CVEs against FLAC
...der in
the caller would still underflow.
--- a/src/libFLAC/stream_decoder.c
+++ b/src/libFLAC/stream_decoder.c
@@ -2744,7 +2744,7 @@ FLAC__bool read_residual_partitioned_rice_(FLAC__StreamDecoder *decoder, unsigne
if(partition_samples < predictor_order) {
send_error_to_client_(decoder, FLAC__STREAM_DECODER_ERROR_STATUS_LOST_SYNC);
decoder->protected_->state = FLAC__STREAM_DECODER_SEARCH_FOR_FRAME_SYNC;
- return true;
+ return false;
}
}
Thoughts?
--
Miroslav Lichvar
2014 Dec 09
0
Two new CVEs against FLAC
...--- a/src/libFLAC/stream_decoder.c
> > +++ b/src/libFLAC/stream_decoder.c
> > @@ -2744,7 +2744,7 @@ FLAC__bool
> read_residual_partitioned_rice_(FLAC__StreamDecoder *decoder, unsigne
> > if(partition_samples < predictor_order) {
> > send_error_to_client_(decoder,
> FLAC__STREAM_DECODER_ERROR_STATUS_LOST_SYNC);
> > decoder->protected_->state =
> FLAC__STREAM_DECODER_SEARCH_FOR_FRAME_SYNC;
> > - return true;
> > + return false;
> >...
2014 Dec 09
0
Two new CVEs against FLAC
...; --- a/src/libFLAC/stream_decoder.c
>> +++ b/src/libFLAC/stream_decoder.c
>> @@ -2744,7 +2744,7 @@ FLAC__bool read_residual_partitioned_rice_(FLAC__StreamDecoder *decoder, unsigne
>> if(partition_samples < predictor_order) {
>> send_error_to_client_(decoder, FLAC__STREAM_DECODER_ERROR_STATUS_LOST_SYNC);
>> decoder->protected_->state = FLAC__STREAM_DECODER_SEARCH_FOR_FRAME_SYNC;
>> - return true;
>> + return false;
>> }
>>...