Commit 9635ef1a authored by Monty's avatar Monty
Browse files

Fix for bug #1456-- the 'bulletproofing' from CVE-2008-1420 inadvertantly

rejects a harmless/legal (if suboptimal) codebook arrangement that was 
apparently used in 1.0b1.


svn path=/trunk/vorbis/; revision=15532
parent d3cd0c4a
......@@ -220,7 +220,7 @@ codeword. Note that the number of entries and dimensions in book
<varname>[residue_classifications]</varname>, overdetermines to
possible number of classification codewords. If
<varname>[residue_classifications]</varname>^<varname>[residue_classbook]</varname>.dimensions
does not equal <varname>[residue_classbook]</varname>.entries, the
exceeds <varname>[residue_classbook]</varname>.entries, the
bitstream should be regarded to be undecodable. </para>
<para>
......
......@@ -234,7 +234,6 @@ vorbis_info_residue *res0_unpack(vorbis_info *vi,oggpack_buffer *opb){
if(partvals > entries) goto errout;
dim--;
}
if(partvals != entries) goto errout;
}
return(info);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment