1. 24 Sep, 2008 6 commits
  2. 23 Sep, 2008 33 commits
  3. 17 Sep, 2008 1 commit
    • Max Kellermann's avatar
      mp3: fix buffer overflow when max_frames is too large · 913028a7
      Max Kellermann authored
      The function decodeFirstFrame() allocates memory based on data from
      the mp3 header.  This can make the buffer size allocation overflow, or
      lead to a DoS attack with a very large buffer.  Cap this buffer at 8
      million frames, which should really be enough for reasonable files.
      913028a7