[FFmpeg-cvslog] avcodec/hevc_parse: check the size of hvcC is at least 23
Zhao Zhili
git at videolan.org
Mon Jul 3 15:59:32 EEST 2023
ffmpeg | branch: master | Zhao Zhili <zhilizhao at tencent.com> | Tue Jun 13 15:37:16 2023 +0800| [bdb4b64f16b75c4d4cd88c0755aa6111cadaa602] | committer: Zhao Zhili
avcodec/hevc_parse: check the size of hvcC is at least 23
The code after the check skip 21 bytes and then read two bytes.
Signed-off-by: Zhao Zhili <zhilizhao at tencent.com>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=bdb4b64f16b75c4d4cd88c0755aa6111cadaa602
---
libavcodec/hevc_parse.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/libavcodec/hevc_parse.c b/libavcodec/hevc_parse.c
index 1f3beed183..7bc28fd081 100644
--- a/libavcodec/hevc_parse.c
+++ b/libavcodec/hevc_parse.c
@@ -88,8 +88,10 @@ int ff_hevc_decode_extradata(const uint8_t *data, int size, HEVCParamSets *ps,
/* data[0] == 1 is configurationVersion from 14496-15.
* data[0] == 0 is for backward compatibility predates the standard.
+ *
+ * Minimum number of bytes of hvcC with 0 numOfArrays is 23.
*/
- if (size > 3 && ((data[0] == 1) || (data[0] == 0 && (data[1] || data[2] > 1)))) {
+ if (size >= 23 && ((data[0] == 1) || (data[0] == 0 && (data[1] || data[2] > 1)))) {
/* It seems the extradata is encoded as hvcC format. */
int i, j, num_arrays, nal_len_size;
More information about the ffmpeg-cvslog
mailing list