[FFmpeg-devel] [PATCH] mov: only read e_old if there were any old streams

Andreas Cadhalpun andreas.cadhalpun at googlemail.com
Tue Nov 1 02:17:23 EET 2016

On 31.10.2016 19:20, Sasi Inguva wrote:
> First of all, if nb_old == 0, i.e. there are no entries in AVIndex, then
> there is no point in calling the mov_fix_index function at all. So instead of
> doing the above, you can directly check for st->nb_index_entries > 0 at
> the top of mov_fix_index and return otherwise.

OK, patch doing that is attached.

> Also, I don't understand how nb_old==0 can cause heap overflow. If I read
> the code correctly, if nb_old==0, find_prev_closest_keyframe_index should
> return -1, which would make the function skip that edit list here
>         if (index == -1) {
>             av_log(mov->fc, AV_LOG_ERROR, "Missing key frame while reordering index according to edit list\n");
>             continue;
>         }

This check is four lines below the heap buffer overflow, which is obviously too late.

Best regards,
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-mov-immediately-return-from-mov_fix_index-without-ol.patch
Type: text/x-diff
Size: 1093 bytes
Desc: not available
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20161101/13cb3148/attachment.patch>
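The ordering point made above, as an added illustration that is not FFmpeg's code: a simplified, constructed model of an index-fixing loop in which the old index is read before the `index == -1` check runs, so the only guard that helps is an early return at the top of the function when there are no old entries. The entry type, `fix_index`, and the edit-list shape are assumptions for this example.

```c
#include <stdint.h>

/* Constructed model of an index entry; not FFmpeg's AVIndexEntry. */
typedef struct { int64_t timestamp; int flags; } IndexEntry;
#define KEYFRAME_FLAG 1

/* Index of the closest keyframe at or before `ts`, or -1 when there is
 * none; with nb_old == 0 the loop never runs and -1 is returned. */
static int find_prev_closest_keyframe_index(const IndexEntry *e_old, int nb_old, int64_t ts)
{
    int best = -1;
    for (int i = 0; i < nb_old; i++) {
        if (e_old[i].timestamp > ts)
            break;
        if (e_old[i].flags & KEYFRAME_FLAG)
            best = i;
    }
    return best;
}

/* Rebuilds an index from nb_edits edit-list media times. Returns the number
 * of entries written to out_idx, or -1 when there was no old index to fix.
 * The guard sits at function entry because the loop dereferences e_old[0]
 * before the index == -1 check: a check placed there would come too late. */
static int fix_index(const IndexEntry *e_old, int nb_old,
                     const int64_t *edit_media_time, int nb_edits,
                     int *out_idx, int out_cap)
{
    int kept = 0;
    if (nb_old <= 0)          /* nothing to reorder: return before touching e_old */
        return -1;
    for (int i = 0; i < nb_edits; i++) {
        /* This read of a zero-length e_old is what the early return prevents. */
        int64_t search_ts = edit_media_time[i] + e_old[0].timestamp;
        int index = find_prev_closest_keyframe_index(e_old, nb_old, search_ts);
        if (index == -1)      /* too late to protect the read above */
            continue;
        if (kept < out_cap)
            out_idx[kept++] = index;
    }
    return kept;
}
```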
