Ticket #1556 (closed patch: fixed)

Opened 1 month ago

Last modified 1 month ago

Patch for fixing speex decoder buffer overflow.

Reported by: Eren Assigned to:
Priority: high Milestone:
Component: Decoders Version:
Severity: normal Keywords:
Cc: Platform(s): all
Difficulty: unknown Work status: Not started

Description

Hello,

As introduced here [0] many applications that use speex are vulnerable to buffer overflow attack. Attached patch solves this problem. Could you review it?

[0] http://www.securityfocus.com/archive/1/491009/30/0/threaded

Attachments

fix-speex-decoder-bof.patch (500 bytes) - added by Eren on 04/17/08 20:09:13.
Fix bof in modules/codec/speex.c

Change History

04/17/08 20:09:13 changed by Eren

  • attachment fix-speex-decoder-bof.patch added.

Fix bof in modules/codec/speex.c

04/17/08 20:18:26 changed by jb

  • status changed from new to closed.
  • resolution set to fixed.

Fixed in 8060b3457e20e6223b70927693f8da8f547b8fef