Bug 12185

Summary: Stack overflow in flac123 0.0.9
Product: Sisyphus Reporter: Igor Zubkov <icesik>
Component: flac123Assignee: Anton Farygin <rider>
Status: CLOSED FIXED QA Contact: qa-sisyphus
Severity: normal    
Priority: P2 CC: ldv, rider
Version: unstable   
Hardware: all   
OS: Linux   
URL: http://www.isecpartners.com/advisories/2007-002-flactools.txt

Description Igor Zubkov 2007-06-30 12:40:08 MSD 
Stack overflow in flac123 0.0.9

Details:
--------
The function local__vcentry_parse_value() in vorbiscomment.c does not
correctly handle a long value_length, causing it to overflow the buffer
"dest" during memcpy().

Fix Information:
----------------
This is the sole issue corrected in version 0.0.10.
Comment 1 swi 2007-06-30 19:57:35 MSD 
fixed in flac123-0.0.10-alt1
Comment 2 Igor Zubkov 2007-07-03 15:26:18 MSD 
Кстати, номер в cve -- CVE-2007-3507. (на всякий).