New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
An integer overflow bug of wav2swf #52
Comments
|
Is there any plan to address this? |
|
Yes, it would be good to fix this. I'll take a PR. |
|
I think PR#75 will solve this issue. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
swftools/lib/wav.c
Line 225 in 54657f9
when malloc.
there is an integer overflow bug:
(samplelenratio2)+128
that make the malloc failed.
so samples is 0
https://github.com/matthiaskramm/swftools/blob/master/src/wav2swf.c#L238
when memcpy use samples,it cause a null pointer dereference bug
memcpy(samples2, samples, numsamples*sizeof(U16));
The text was updated successfully, but these errors were encountered: