ref: 8600912ac8ed58ff54406aaa8cb41856dc54ee69
parent: 65591113f551b4506fe16fe5a9a11b5ea46138a5
author: Sigrid Solveig Haflínudóttir <sigrid@ftrv.se>
date: Mon Mar 4 13:12:13 EST 2024
opus, vorbis: fix a possible buffer overflow when reading tags
--- a/opus.c
+++ b/opus.c
@@ -53,7 +53,7 @@
if(pgend < ctx->seek(ctx, 0, 1)+sz)
break;
- if(ctx->bufsz < sz+1){+ if(sz > ctx->bufsz-1){if(ctx->seek(ctx, sz, 1) < 0)
return -1;
continue;
--- a/vorbis.c
+++ b/vorbis.c
@@ -97,7 +97,7 @@
if(pgend < ctx->seek(ctx, 0, 1)+sz)
break;
- if(ctx->bufsz < sz+1){+ if(sz > ctx->bufsz-1){if(ctx->seek(ctx, sz, 1) < 0)
return -1;
continue;