[FFmpeg-devel] [PATCH 2/2] webmdashenc: Validate the 'streams' adaptation sets parameter
Derek Buitenhuis
derek.buitenhuis at gmail.com
Thu Apr 20 15:14:43 EEST 2017
It should not be a value larger than the number of streams we have,
or it will cause invalid reads and/or SIGSEGV.
Signed-off-by: Derek Buitenhuis <derek.buitenhuis at gmail.com>
---
libavformat/webmdashenc.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/libavformat/webmdashenc.c b/libavformat/webmdashenc.c
index 2f5c31e..5025cc1 100644
--- a/libavformat/webmdashenc.c
+++ b/libavformat/webmdashenc.c
@@ -467,7 +467,12 @@ static int parse_adaptation_sets(AVFormatContext *s)
if (as->streams == NULL)
return AVERROR(ENOMEM);
as->streams[as->nb_streams - 1] = to_integer(p, q - p + 1);
- if (as->streams[as->nb_streams - 1] < 0) return -1;
+ if (as->streams[as->nb_streams - 1] < 0 ||
+ as->streams[as->nb_streams - 1] >= as->nb_streams ||
+ as->streams[as->nb_streams - 1] >= s->nb_streams) {
+ av_log(s, AV_LOG_ERROR, "Invalid value for 'streams' in adapation_sets.\n");
+ return AVERROR_INVALIDDATA;
+ }
if (*q == '\0') break;
if (*q == ' ') state = new_set;
p = ++q;
--
1.8.3.1
More information about the ffmpeg-devel
mailing list