[FFmpeg-devel] [PATCH 2/3] cafdec: prevent overreading the info chunk
Anton Khirnov
anton
Thu Mar 3 13:51:56 CET 2011
---
libavformat/cafdec.c | 5 +++--
1 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/libavformat/cafdec.c b/libavformat/cafdec.c
index d98c4bf..715dfdf 100644
--- a/libavformat/cafdec.c
+++ b/libavformat/cafdec.c
@@ -182,11 +182,12 @@ static void read_info_chunk(AVFormatContext *s, int64_t size)
AVIOContext *pb = s->pb;
unsigned int i;
unsigned int nb_entries = avio_rb32(pb);
+ size -= 4;
for (i = 0; i < nb_entries; i++) {
char key[32];
char value[1024];
- get_strz(pb, key, sizeof(key));
- get_strz(pb, value, sizeof(value));
+ size -= avio_get_str(pb, size, key, sizeof(key));
+ size -= avio_get_str(pb, size, value, sizeof(value));
av_metadata_set2(&s->metadata, key, value, 0);
}
}
--
1.7.4.1
More information about the ffmpeg-devel
mailing list