[FFmpeg-devel] [PATCH]lavf/mov: Fix an out-of-bound-read in mov_read_mac_string().
Carl Eugen Hoyos
cehoyos at ag.or.at
Mon Nov 14 15:56:04 EET 2016
Hi!
I believe attached patch fixes an out-of-bound-read in mov_read_mac_string()
if p<end is false and if the read character is < 0x80, see bug 989.
Please comment, Carl Eugen
-------------- next part --------------
From 6c69f755e1c4f22d1efb36777631c98a4d20ffef Mon Sep 17 00:00:00 2001
From: Carl Eugen Hoyos <cehoyos at ag.or.at>
Date: Mon, 14 Nov 2016 14:52:58 +0100
Subject: [PATCH] lavf/mov: Fix an out-of-bound-read in mov_read_mac_string().
---
libavformat/mov.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavformat/mov.c b/libavformat/mov.c
index 8d6cc12..21556be 100644
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -160,7 +160,7 @@ static int mov_read_mac_string(MOVContext *c, AVIOContext *pb, int len,
uint8_t t, c = avio_r8(pb);
if (c < 0x80 && p < end)
*p++ = c;
- else if (p < end)
+ else if (c >= 0x80 && p < end)
PUT_UTF8(mac_to_unicode[c-0x80], t, if (p < end) *p++ = t;);
}
*p = 0;
--
1.7.10.4
More information about the ffmpeg-devel
mailing list