From 2a35928abcb0820520d0ae8115c8fb49c14bbcbc Mon Sep 17 00:00:00 2001 From: Balint Reczey <balint@balintreczey.hu> Date: Thu, 5 Jan 2017 16:50:25 +0100 Subject: [PATCH 8/8] Don't try printing unknown block. This fixes the crash also known as CVE-2016-9828. Fixes: #60 --- util/outputtxt.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/util/outputtxt.c b/util/outputtxt.c index 7783dd5..eabee84 100644 --- a/util/outputtxt.c +++ b/util/outputtxt.c @@ -2934,6 +2934,6 @@ outputBlock (int type, SWF_Parserstruct * blockp, FILE* stream) return; } } - outputSWF_UNKNOWNBLOCK(blockp); + SWF_error("printing type: %d (%s) is not implemented", type, blockName(type)); return; } -- 2.1.4