[FFmpeg-cvslog] avformat/mov: Disallow empty sidx
Michael Niedermayer
git at videolan.org
Wed Apr 6 22:56:04 EEST 2022
ffmpeg | branch: release/4.3 | Michael Niedermayer <michael at niedermayer.cc> | Wed Mar 2 13:01:53 2022 +0100| [54a0324ad96e74e82c33e72af7c6b360a7415863] | committer: Michael Niedermayer
avformat/mov: Disallow empty sidx
It appears this is not allowed "Each Segment Index box documents how a (sub)segment is divided into one or more subsegments
(which may themselves be further subdivided using Segment Index boxes)."
Fixes: Null pointer dereference
Fixes: Ticket9517
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 4419433d77278cb742944c4514be5f72a04103c0)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=54a0324ad96e74e82c33e72af7c6b360a7415863
---
libavformat/mov.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/libavformat/mov.c b/libavformat/mov.c
index 6418e07c66..cc4a10f1bb 100644
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -5104,6 +5104,8 @@ static int mov_read_sidx(MOVContext *c, AVIOContext *pb, MOVAtom atom)
avio_rb16(pb); // reserved
item_count = avio_rb16(pb);
+ if (item_count == 0)
+ return AVERROR_INVALIDDATA;
for (i = 0; i < item_count; i++) {
int index;
More information about the ffmpeg-cvslog
mailing list