Closed Bug 506878 Opened 16 years ago Closed 16 years ago

oggz_read_sync and oggz_read_update_gp don't check for errors from oggz_stream_get_content

Categories

(Core :: Audio/Video, defect)

Product:
Core
Component:
Audio/Video
Type:
defect
Priority:
Not set
Severity:
blocker

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: timeless, Assigned: cajbir)

References

(Blocks 1 open bug,
URL
)

Details

(Keywords: coverity, Whiteboard: [sg:moderate])

55 oggz_stream_get_content (OGGZ * oggz, long serialno) 62 if (stream == NULL) return OGGZ_ERR_BAD_SERIALNO; i'm aware that the code thinks its serial number is ok, but the function returns two error codes at this point and could potentially return more. it'd be appreciated if callers always checked for error values. 318 oggz_read_sync (OGGZ * oggz) 397 content = oggz_stream_get_content(oggz, serialno); 414 reader->current_granulepos = 415 oggz_auto_calculate_granulepos (content, granulepos, stream, op);
Group: core-security
URL: http://mxr.mozilla.org/mozilla-centra...http://mxr.mozilla.org/mozilla-centra...
Summary: oggz_read_sync doesn't check for errors from oggz_stream_get_content → oggz_read_sync and oggz_read_update_gp don't check for errors from oggz_stream_get_content
Fixed in upstream commit 822b0af67199d97298261d615cf6a3a50a3b8426
Status: UNCONFIRMED → NEW
Ever confirmed: true
Whiteboard: [sg:moderate]
Fixed by liboggz update.
Status: NEW → RESOLVED
Closed: 16 years ago
Depends on: CVE-2009-3377
Resolution: --- → FIXED
Group: core-security
You need to log in before you can comment on or make changes to this bug.