diff options
Diffstat (limited to 'libmpdemux/asf_streaming.c')
-rw-r--r-- | libmpdemux/asf_streaming.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/libmpdemux/asf_streaming.c b/libmpdemux/asf_streaming.c index 2ddfbecc14..85c92214dc 100644 --- a/libmpdemux/asf_streaming.c +++ b/libmpdemux/asf_streaming.c @@ -194,6 +194,8 @@ static int asf_streaming_parse_header(int fd, streaming_ctrl_t* streaming_ctrl) return -1; } + // audit: do not overflow buffer_size + if (size > SIZE_MAX - buffer_size) return -1; buffer = (char*) malloc(size+buffer_size); if(buffer == NULL) { mp_msg(MSGT_NETWORK,MSGL_FATAL,MSGTR_MPDEMUX_ASF_BufferMallocFailed,size+buffer_size); |