[FFmpeg-devel] [mov] Error on too large stsd entry counts.
Michael Niedermayer
michael at niedermayer.cc
Fri Aug 31 15:21:56 EEST 2018
On Thu, Aug 30, 2018 at 03:21:02PM -0700, Dale Curtis wrote:
> Entries are always at least 8 bytes per the parsing code, so if we
> see an impossible entry count avoid massive allocations. This is
> similar to an existing check in mov_read_stsc().
>
> Since ff_mov_read_stsd_entries() does eof checks, an alternative
> approach could be to clamp the entry count to atom.size / 8.
>
> Signed-off-by: Dale Curtis <dalecurtis at chromium.org>
> mov.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
> 3678e5a185138a43c4f5dc4eb54283900e0e74c8 0001-Error-on-too-large-stsd-entry-counts.patch
> From 3e1663d84068ff7615f7e84fa1c1122729a531da Mon Sep 17 00:00:00 2001
> From: Dale Curtis <dalecurtis at chromium.org>
> Date: Thu, 30 Aug 2018 15:18:25 -0700
> Subject: [PATCH] Error on too large stsd entry counts.
>
> Entries are always at least 8 bytes per the parsing code, so if we
> see an impossible entry count avoid massive allocations. This is
> similar to an existing check in mov_read_stsc().
>
> Since ff_mov_read_stsd_entries() does eof checks, an alternative
> approach could be to clamp the entry count to atom.size / 8.
>
> Signed-off-by: Dale Curtis <dalecurtis at chromium.org>
> ---
> libavformat/mov.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
will apply
thx
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
Elect your leaders based on what they did after the last election, not
based on what they say before an election.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: not available
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20180831/ea9ed683/attachment.sig>
More information about the ffmpeg-devel
mailing list