[FFmpeg-cvslog] avformat/nsvdec: Do not parse multiple NSVf
Michael Niedermayer
git at videolan.org
Sun Nov 18 04:01:29 EET 2018
ffmpeg | branch: release/3.2 | Michael Niedermayer <michael at niedermayer.cc> | Thu Aug 16 12:23:20 2018 +0200| [5d7bab77de261dd70218ac311a8536b4d42b98e8] | committer: Michael Niedermayer
avformat/nsvdec: Do not parse multiple NSVf
The specification states "NSV files may contain a single file header. "
Fixes: out of array access
Fixes: nsv-asan-002f473f726a0dcbd3bd53e422c4fc40b3cf3421
Found-by: Paul Ch <paulcher at icloud.com>
Tested-by: Paul Ch <paulcher at icloud.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 78d4b6bd43fc266a2ee926f0555c8782246f9445)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=5d7bab77de261dd70218ac311a8536b4d42b98e8
---
libavformat/nsvdec.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/libavformat/nsvdec.c b/libavformat/nsvdec.c
index 16d2fa59e2..3e7d815295 100644
--- a/libavformat/nsvdec.c
+++ b/libavformat/nsvdec.c
@@ -177,6 +177,7 @@ typedef struct NSVContext {
AVRational framerate;
uint32_t *nsvs_timestamps;
//DVDemuxContext* dv_demux;
+ int nsvf;
} NSVContext;
static const AVCodecTag nsv_codec_video_tags[] = {
@@ -280,6 +281,12 @@ static int nsv_parse_NSVf_header(AVFormatContext *s)
nsv->state = NSV_UNSYNC; /* in case we fail */
+ if (nsv->nsvf) {
+ av_log(s, AV_LOG_TRACE, "Multiple NSVf\n");
+ return 0;
+ }
+ nsv->nsvf = 1;
+
size = avio_rl32(pb);
if (size < 28)
return -1;
More information about the ffmpeg-cvslog
mailing list