Bug 12185 - Stack overflow in flac123 0.0.9
: Stack overflow in flac123 0.0.9
Status: CLOSED FIXED
: Sisyphus
(All bugs in Sisyphus/flac123)
: unstable
: all Linux
: P2 normal
Assigned To:
:
: http://www.isecpartners.com/advisorie...
:
:
:
  Show dependency tree
 
Reported: 2007-06-30 12:40 by
Modified: 2007-07-03 15:26 (History)


Attachments


Note

You need to log in before you can comment on or make changes to this bug.


Description From 2007-06-30 12:40:08
Stack overflow in flac123 0.0.9

Details:
--------
The function local__vcentry_parse_value() in vorbiscomment.c does not
correctly handle a long value_length, causing it to overflow the buffer
"dest" during memcpy().

Fix Information:
----------------
This is the sole issue corrected in version 0.0.10.
------- Comment #1 From 2007-06-30 19:57:35 -------
fixed in flac123-0.0.10-alt1
------- Comment #2 From 2007-07-03 15:26:18 -------
Кстати, номер в cve -- CVE-2007-3507. (на всякий).