From: Paul B Mahol <onemda@gmail.com>
Date: Mon, 18 Aug 2014 11:00:24 +0000 (+0000)
Subject: wvdec: check for eof in wv_read_block_header()
X-Git-Tag: archive/raspbian/6%11.12-1_deb8u9+rpi1^2~10
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=e90d229a27e26ccb48924bba2b5605664990d276;p=libav.git

wvdec: check for eof in wv_read_block_header()

Fixes Ticket #3865
Found-by: Piotr Bandurski <ami_stuff@o2.pl>
Signed-off-by: Paul B Mahol <onemda@gmail.com>

Gbp-Pq: Name CVE-2019-14372.patch
---

diff --git a/libavformat/wvdec.c b/libavformat/wvdec.c
index 1a2a722..d23dc28 100644
--- a/libavformat/wvdec.c
+++ b/libavformat/wvdec.c
@@ -121,7 +121,7 @@ static int wv_read_block_header(AVFormatContext *ctx, AVIOContext *pb)
                    "Cannot determine additional parameters\n");
             return AVERROR_INVALIDDATA;
         }
-        while (avio_tell(pb) < block_end) {
+        while (avio_tell(pb) < block_end && !avio_feof(pb)) {
             int id, size;
             id   = avio_r8(pb);
             size = (id & 0x80) ? avio_rl24(pb) : avio_r8(pb);