Added
Link Here
|
1 |
--- wav.c.old 2002-12-31 04:19:22.000000000 +0100 |
2 |
+++ wav.c 2004-07-18 19:25:46.000000000 +0200 |
3 |
@@ -917,6 +917,10 @@ |
4 |
} else if(strncmp(magic,"ICRD",4) == 0){ |
5 |
st_readdw(ft,&len); |
6 |
len = (len + 1) & ~1; |
7 |
+ if (len > 254) { |
8 |
+ fprintf(stderr, "Possible buffer overflow hack attack (ICRD)!\n"); |
9 |
+ exit(109); |
10 |
+ } |
11 |
st_reads(ft,text,len); |
12 |
if (strlen(ft->comment) + strlen(text) < 254) |
13 |
{ |
14 |
@@ -926,6 +930,10 @@ |
15 |
} else if(strncmp(magic,"ISFT",4) == 0){ |
16 |
st_readdw(ft,&len); |
17 |
len = (len + 1) & ~1; |
18 |
+ if (len > 254) { |
19 |
+ fprintf(stderr, "Possible buffer overflow hack attack (ISFT)!\n"); |
20 |
+ exit(110); |
21 |
+ } |
22 |
st_reads(ft,text,len); |
23 |
if (strlen(ft->comment) + strlen(text) < 254) |
24 |
{ |