Opened 4 years ago

Closed 4 years ago

#12285 closed enhancement (fixed)


Reported by: Bruce Dubbs Owned by: Bruce Dubbs
Priority: normal Milestone: 9.0
Component: BOOK Version: SVN
Severity: normal Keywords:


New point version.

Change History (3)

comment:1 by Bruce Dubbs, 4 years ago

Owner: changed from blfs-book to Bruce Dubbs
Status: newassigned

comment:2 by Bruce Dubbs, 4 years ago


So, here is a number of bugs found by OSS-Fuzz. Credit to OSS-Fuzz for the bunch, then.

  • libmpg123:
    • Fix out-of-bounds reads in ID3 parser for unsynced frames. (oss-fuzz-bug 15852)
    • Fix out-of-bounds read for RVA2 frames with non-delimited identifier. (oss-fuzz-bug 15852)
    • Fix implementation-defined parsing of RVA2 values. (oss-fuzz-bug 15862)
    • Fix undefined parsing of APE header for skipping. Also prevent endless loop on premature end of supposed APE header. (oss-fuzz-bug 15864)
    • Fix some syntax to make pedantic compiler happy.

comment:3 by Bruce Dubbs, 4 years ago

Resolution: fixed
Status: assignedclosed

Fixed at revision 21843.

Note: See TracTickets for help on using tickets.