libFLAC/stream_decoder.c : Fail safely to avoid a heap overflow.

A file provided by the reporters caused the stream decoder to write to
un-allocated heap space resulting in a segfault. The solution is to
error out (by returning false from read_residual_partitioned_rice_())
instead of trying to continue to decode.

Fixes: CVE-2014-9028
Reported-by: Michele Spagnuolo,
             Google Security Team <mikispag@google.com>

Bug: 23238405
Change-Id: I5c000e3d85d884a92208efebe53aa6edaef8829e
1 file changed
tree: 2aa37fbce870ebf7141e537a2652c9f7a32ff1dc
  1. Android.mk
  2. MODULE_LICENSE_BSD_LIKE
  3. NOTICE
  4. config.h
  5. include/
  6. libFLAC/