[FFmpeg-cvslog] mov: Validate spherical metadata version

Vittorio Giovara git at videolan.org
Tue Oct 17 21:57:32 EEST 2017


ffmpeg | branch: master | Vittorio Giovara <vittorio.giovara at gmail.com> | Wed Feb 15 10:40:16 2017 -0500| [0f8512c4a87b89b4694053d8ffda48066ee1da62] | committer: Vittorio Giovara

mov: Validate spherical metadata version

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0f8512c4a87b89b4694053d8ffda48066ee1da62
---

 libavformat/mov.c | 26 ++++++++++++++++++++++----
 1 file changed, 22 insertions(+), 4 deletions(-)

diff --git a/libavformat/mov.c b/libavformat/mov.c
index f1ff6ad5b5..f406831457 100644
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -3235,7 +3235,7 @@ static int mov_read_sv3d(MOVContext *c, AVIOContext *pb, MOVAtom atom)
 {
     AVStream *st;
     MOVStreamContext *sc;
-    int size;
+    int size, version;
     int32_t yaw, pitch, roll;
     uint32_t tag;
     enum AVSphericalProjection projection;
@@ -3260,7 +3260,13 @@ static int mov_read_sv3d(MOVContext *c, AVIOContext *pb, MOVAtom atom)
         av_log(c->fc, AV_LOG_ERROR, "Missing spherical video header\n");
         return 0;
     }
-    avio_skip(pb, 4); /*  version + flags */
+    version = avio_r8(pb);
+    if (version != 0) {
+        av_log(c->fc, AV_LOG_WARNING, "Unknown spherical version %d\n",
+               version);
+        return 0;
+    }
+    avio_skip(pb, 3); /* flags */
     avio_skip(pb, size - 12); /* metadata_source */
 
     size = avio_rb32(pb);
@@ -3282,7 +3288,13 @@ static int mov_read_sv3d(MOVContext *c, AVIOContext *pb, MOVAtom atom)
         av_log(c->fc, AV_LOG_ERROR, "Missing projection header box\n");
         return 0;
     }
-    avio_skip(pb, 4); /*  version + flags */
+    version = avio_r8(pb);
+    if (version != 0) {
+        av_log(c->fc, AV_LOG_WARNING, "Unknown spherical version %d\n",
+               version);
+        return 0;
+    }
+    avio_skip(pb, 3); /* flags */
 
     /* 16.16 fixed point */
     yaw   = avio_rb32(pb);
@@ -3294,7 +3306,13 @@ static int mov_read_sv3d(MOVContext *c, AVIOContext *pb, MOVAtom atom)
         return AVERROR_INVALIDDATA;
 
     tag = avio_rl32(pb);
-    avio_skip(pb, 4); /*  version + flags */
+    version = avio_r8(pb);
+    if (version != 0) {
+        av_log(c->fc, AV_LOG_WARNING, "Unknown spherical version %d\n",
+               version);
+        return 0;
+    }
+    avio_skip(pb, 3); /* flags */
     switch (tag) {
     case MKTAG('c','b','m','p'):
         projection = AV_SPHERICAL_CUBEMAP;



More information about the ffmpeg-cvslog mailing list