GNOME Bugzilla – Bug 778206
tracker-extract: Clarify untrusted value checks
Last modified: 2017-02-06 15:23:09 UTC
Rework some of the checks for lengths read from MP3 files to ensure that the intermediate values can’t overflow.
Created attachment 344975
tracker-extract: Clarify a magic number
Looks like this is the value of the header and frame sizes.
Created attachment 344976
tracker-extract: Clarify untrusted value checks
When validating the values of csize and tsize (as they are read from a potentially untrusted MP3 file), put them as the left-hand operand in the comparison by themselves, without adding anything which:
• confuses Coverity;
• potentially overflows.
Coverity ID: 1399652
Comment on attachment 344975
tracker-extract: Clarify a magic number
that's indeed more readable :)
Comment on attachment 344976
tracker-extract: Clarify untrusted value checks
Looks good!
Attachment 344975 pushed as 35c7398 - tracker-extract: Clarify a magic number
Attachment 344976 pushed as 397883a - tracker-extract: Clarify untrusted value checks
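The comparison pattern described in attachment 344976, as an added example that is not the tracker patch or any code from this bug: it contrasts a length check that adds to the untrusted value with one that leaves it alone on the left-hand side. Only the name csize comes from the report; the 10-byte header layout, the function names and the sample buffer are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define HEADER_SIZE 10u /* assumed layout: 4-byte ID, 4-byte big-endian size, 2 flag bytes */

/* Overflow-prone: the untrusted csize is added first, so the sum can wrap past 2^32. */
static int fits_wrapping(uint32_t pos, uint32_t csize, uint32_t size)
{
    return pos + HEADER_SIZE + csize <= size;
}

/* Rearranged: csize stands alone on the left; the right-hand side is built
 * only from values already checked, so it can neither wrap nor underflow. */
static int fits_checked(uint32_t pos, uint32_t csize, uint32_t size)
{
    if (pos > size || size - pos < HEADER_SIZE)
        return 0;
    return csize <= size - pos - HEADER_SIZE;
}

/* Count frames accepted by `fits`, stopping at the first rejected frame. */
static int count_frames(const uint8_t *buf, uint32_t size,
                        int (*fits)(uint32_t, uint32_t, uint32_t))
{
    uint32_t pos = 0;
    int n = 0;
    while (size - pos >= HEADER_SIZE) {
        uint32_t csize = (uint32_t)buf[pos + 4] << 24 | (uint32_t)buf[pos + 5] << 16 |
                         (uint32_t)buf[pos + 6] << 8 | buf[pos + 7];
        if (!fits(pos, csize, size))
            break;
        n++;
        pos += HEADER_SIZE + csize; /* moves backwards if a wrapped sum was accepted */
    }
    return n;
}

/* Constructed sample: one valid 4-byte frame, then a frame claiming 0xFFFFFFF0 bytes. */
static const uint8_t SAMPLE[24] = {
    'T','I','T','2', 0x00,0x00,0x00,0x04, 0,0,  0,0,0,0,
    'T','I','T','2', 0xFF,0xFF,0xFF,0xF0, 0,0,
};

int main(void)
{
    printf("wrapping check accepts %d frame(s)\n", count_frames(SAMPLE, sizeof SAMPLE, fits_wrapping));
    printf("rearranged check accepts %d frame(s)\n", count_frames(SAMPLE, sizeof SAMPLE, fits_checked));
    return 0;
}
```

With the wrapping check the oversized second frame is accepted and the parse position jumps backwards into data already consumed; the rearranged check rejects it.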