Commit 875be0ad authored by Erik de Castro Lopo

src/libFLAC/stream_decoder.c : Fix NULL de-reference.

NULL de-reference can really only happen on a malformed file.
Found using afl (http://lcamtuf.coredump.cx/afl/).
parent 775eb934
......@@ -1753,8 +1753,10 @@ FLAC__bool read_metadata_vorbiscomment_(FLAC__StreamDecoder *decoder, FLAC__Stre
}
else
length -= 4;
if (!FLAC__bitreader_read_uint32_little_endian(decoder->private_->input, &obj->comments[i].length))
if (!FLAC__bitreader_read_uint32_little_endian(decoder->private_->input, &obj->comments[i].length)) {
obj->num_comments = i;
return false; /* read_callback_ sets the state for us */
}
if (obj->comments[i].length > 0) {
if (length < obj->comments[i].length) {
obj->num_comments = i;
......
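Review bot: The new failure branch on the `FLAC__bitreader_read_uint32_little_endian(..., &obj->comments[i].length)` read sets `obj->num_comments = i` without saying why; the only comment there, `/* read_callback_ sets the state for us */`, explains the return and not the count. Suggest a one-line comment stating that the count is truncated to the entries that were fully read, since that appears to be what keeps later code from touching entry `i` on a malformed file. The same assignment already appears in the `if (length < obj->comments[i].length)` branch just below, so it is worth confirming that every other early exit in this loop truncates `num_comments` the same way, or routing them through one shared failure path so a read added later cannot miss it.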