oggstream: protect against out-of-bounds read

We need at least 17 bytes of data for a valid flac header oss-fuzz #6974
2024-11-26 19:51:11 +00:00 · 2018-03-17 06:33:38 +01:00 · 2018-03-17 06:33:38 +01:00 · 17d5f08316
commit 17d5f08316
parent 57516c5153
1 changed files with 3 additions and 0 deletions
--- a/ext/ogg/gstoggstream.c
+++ b/ext/ogg/gstoggstream.c
@ -1050,6 +1050,9 @@ static gboolean
 is_header_fLaC (GstOggStream * pad, ogg_packet * packet)
 {
  if (pad->n_header_packets_seen == 1) {
+    if (packet->bytes < 17)
+      return FALSE;
+
    pad->granulerate_n = (packet->packet[14] << 12) |
        (packet->packet[15] << 4) | ((packet->packet[16] >> 4) & 0xf);
  }