From: <dg...@us...> - 2007-03-10 00:41:38
|
Update of /cvsroot/xine/xine-lib/src/libw32dll/DirectShow In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv10809/src/libw32dll/DirectShow Modified Files: DS_VideoDecoder.c Log Message: * Security fixes: - Fix heap overflow in DMO loader. (CVE-2007-1246) [bug #1676925] Thanks to Kees Cook for reporting. Index: DS_VideoDecoder.c =================================================================== RCS file: /cvsroot/xine/xine-lib/src/libw32dll/DirectShow/DS_VideoDecoder.c,v retrieving revision 1.9 retrieving revision 1.10 diff -u -r1.9 -r1.10 --- DS_VideoDecoder.c 24 Dec 2003 16:55:36 -0000 1.9 +++ DS_VideoDecoder.c 10 Mar 2007 00:41:34 -0000 1.10 @@ -110,6 +110,7 @@ this->iv.m_bh = (BITMAPINFOHEADER*)malloc(bihs); memcpy(this->iv.m_bh, format, bihs); + this->iv.m_bh->biSize = bihs; this->iv.m_State = STOP; //this->iv.m_pFrame = 0; |
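Review bot: the result of `malloc(bihs)` in the context lines is never checked before `memcpy(this->iv.m_bh, format, bihs);` and the added `this->iv.m_bh->biSize = bihs;` store, so an allocation failure is dereferenced at the very spot this security fix touches; add a NULL check with an error return ahead of the copy. The added line also has no comment. Since it overrides the `biSize` value just copied from `format`, a one-line comment saying that `biSize` is forced to match the allocated length (so that code reading `m_bh->biSize` later cannot go past the `bihs` bytes allocated here) would keep it from being removed as redundant. The hunk does not show how `bihs` is computed, so it is worth confirming in the same change that it can never be smaller than `sizeof(BITMAPINFOHEADER)`.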