[FFmpeg-cvslog] mov: Fix near infinite loop in stsd parsing.
Michael Niedermayer
git at videolan.org
Thu Dec 15 21:44:15 CET 2011
ffmpeg | branch: master | Michael Niedermayer <michaelni at gmx.at> | Thu Dec 15 20:51:00 2011 +0100| [5f95c130a020ec8f6eb7ade8808f59dac5834410] | committer: Michael Niedermayer
mov: Fix near infinite loop in stsd parsing.
Fixes Ticket768
Bug found by: Diana Elena Muscalu
Signed-off-by: Michael Niedermayer <michaelni at gmx.at>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=5f95c130a020ec8f6eb7ade8808f59dac5834410
---
libavformat/mov.c | 3 +++
1 files changed, 3 insertions(+), 0 deletions(-)
diff --git a/libavformat/mov.c b/libavformat/mov.c
index 7b41ec4..38248d4 100644
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -1082,6 +1082,9 @@ int ff_mov_read_stsd_entries(MOVContext *c, AVIOContext *pb, int entries)
avio_rb32(pb); /* reserved */
avio_rb16(pb); /* reserved */
dref_id = avio_rb16(pb);
+ }else if (size <= 0){
+ av_log(c->fc, AV_LOG_ERROR, "invalid size %d in stsd\n", size);
+ return -1;
}
if (st->codec->codec_tag &&
More information about the ffmpeg-cvslog
mailing list