[FFmpeg-devel] [PATCH] check buffer is inside what is passed when probing for flac.
Philipp Meinen
philipp
Tue Jan 27 15:26:05 CET 2009
Hello
[...]
> ===================================================================
> --- libavformat/raw.c???(revision 16816)
> +++ libavformat/raw.c???(working copy)
> @@ -586,11 +586,12 @@ static int eac3_probe(AVProbeData *p)
> ?static int flac_probe(AVProbeData *p)
> ?{
> ? ? ?uint8_t *bufptr = p->buf;
> + ? ?uint8_t *end ? ?= p->buf + p->buf_size;
> ?
> ? ? ?if(ff_id3v2_match(bufptr))
> ? ? ? ? ?bufptr += ff_id3v2_tag_len(bufptr);
> ?
> - ? ?if(memcmp(bufptr, "fLaC", 4)) return 0;
> + ? ?if(bufptr > end-4 || memcmp(bufptr, "fLaC", 4)) return 0;
Might I ask why you use poiner-logic instead of using the
buf_size field ?
something like:
if (buf_size > 3 || ...)
> ? ? ?else ? ? ? ? ? ? ? ? ? ? ? ? ?return AVPROBE_SCORE_MAX / 2;
> ?}
> ?#endif
Regards,
Philipp
More information about the ffmpeg-devel
mailing list