Commit 883d3c07 authored by npzacs's avatar npzacs

Fix possible OOB read

parent 6b3f05c9
......@@ -1437,6 +1437,11 @@ static AACS_RL_ENTRY *_get_rl(const char *type, int *num_records, int *mkbv)
*mkbv = version;
*num_records = MKINT_BE32((uint8_t*)data + 20);
memmove(data, (uint8_t*)data + 24, len - 24);
len -= 24;
if ((int)(len/8) < *num_records) {
*num_records = len/8;
}
int ii;
AACS_RL_ENTRY *rl = data;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment