[FFmpeg-cvslog] avidec: Make sure a packet is large enough before reading its data

Martin Storsjö git at videolan.org
Sun Sep 29 22:58:05 CEST 2013


ffmpeg | branch: master | Martin Storsjö <martin at martin.st> | Sat Sep 28 00:41:31 2013 +0300| [8d07258bb6063d0780ce2d39443d6dc6d8eedc5a] | committer: Martin Storsjö

avidec: Make sure a packet is large enough before reading its data

Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable at libav.org
Signed-off-by: Martin Storsjö <martin at martin.st>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=8d07258bb6063d0780ce2d39443d6dc6d8eedc5a
---

 libavformat/avidec.c |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/libavformat/avidec.c b/libavformat/avidec.c
index 1212c6a..3616281 100644
--- a/libavformat/avidec.c
+++ b/libavformat/avidec.c
@@ -816,7 +816,8 @@ fail:
 
 static int read_gab2_sub(AVStream *st, AVPacket *pkt)
 {
-    if (!strcmp(pkt->data, "GAB2") && AV_RL16(pkt->data + 5) == 2) {
+    if (pkt->size >= 7 &&
+        !strcmp(pkt->data, "GAB2") && AV_RL16(pkt->data + 5) == 2) {
         uint8_t desc[256];
         int score      = AVPROBE_SCORE_EXTENSION, ret;
         AVIStream *ast = st->priv_data;



More information about the ffmpeg-cvslog mailing list