Commit 2acdd3f5 authored by Monty's avatar Monty
Browse files

First half of fix for Mozilla BZ #500254

Residue code was not checking that its partition books were books with
specified/populated value mappings.  Fuzzer twiddled the book table suck that a valid codebook was being swapped out for a codebook with no value mapping.


svn path=/trunk/vorbis/; revision=16181
parent d84f58a7
......@@ -220,8 +220,10 @@ vorbis_info_residue *res0_unpack(vorbis_info *vi,oggpack_buffer *opb){
info->booklist[j]=oggpack_read(opb,8);
if(info->groupbook>=ci->books)goto errout;
for(j=0;j<acc;j++)
for(j=0;j<acc;j++){
if(info->booklist[j]>=ci->books)goto errout;
if(ci->book_param[info->booklist[j]]->maptype==0)goto errout;
}
/* verify the phrasebook is not specifying an impossible or
inconsistent partitioning scheme. */
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment