1 Submitted By: David Jensen (djensen at linuxfromscratch dot org)
3 Initial Package Version: 0.59r
5 Upstream Status: not maintained
6 Description: Fixes buffer overflow vulnerablity (CAN-2004-0805)
8 $LastChangedBy: djensen $
9 $Date: 2005-07-26 21:17:28 -0600 (Tue, 26 Jul 2005) $
11 diff -Naur mpg123-0.59r.orig/layer2.c mpg123-0.59r/layer2.c
12 --- mpg123-0.59r.orig/layer2.c 1999-02-10 06:13:06.000000000 -0600
13 +++ mpg123-0.59r/layer2.c 2005-07-23 16:44:07.000000000 -0500
15 fr->jsbound = (fr->mode == MPG_MD_JOINT_STEREO) ?
16 (fr->mode_ext<<2)+4 : fr->II_sblimit;
18 + if (fr->jsbound > fr->II_sblimit) {
19 + fprintf(stderr, "Truncating stereo boundary to sideband limit.\n");
20 + fr->jsbound=fr->II_sblimit;
23 if(stereo == 1 || single == 3)