# HG changeset patch
# User henry
# Date 1267730057 0
# Node ID d71db8e4e1c7ebbc75f744e4a5df4b2b1c65de72
# Parent  9db0de5db7c808e9c2f0335ce6f018a48edb339e
add bounds checking in UDFFileEntry

Some badly mastered DVDs can have set bogus lengths of the Allocation
Descriptors, causing a segfault. This check ensures that the total entry
length does not exceed DVD logical block size before processing the entry.

diff -r 9db0de5db7c8 -r d71db8e4e1c7 dvd_udf.c
--- a/dvd_udf.c	Sat Jan 30 15:15:23 2010 +0000
+++ b/dvd_udf.c	Thu Mar 04 19:14:17 2010 +0000
@@ -443,6 +443,10 @@
 
   L_EA = GETN4( 168 );
   L_AD = GETN4( 172 );
+
+  if (176 + L_EA + L_AD > DVD_VIDEO_LB_LEN)
+    return 0;
+
   p = 176 + L_EA;
   while( p < 176 + L_EA + L_AD ) {
     switch( flags & 0x0007 ) {