[FFmpeg-devel] [PATCH 2/3] avformat/mov: Fix parsing of saio/siaz atoms in encrypted content.
modmaker at google.com
Fri Jan 5 23:29:54 EET 2018
On Fri, Jan 5, 2018 at 12:41 PM, Carl Eugen Hoyos <ceffmpeg at gmail.com> wrote:
> 2018-01-05 20:49 GMT+01:00 Jacob Trimble <modmaker-at-google.com at ffmpeg.org>:
>> + entry_count = avio_rb32(pb);
>> + encryption_index->auxiliary_offsets = av_malloc_array(sizeof(size_t), entry_count);
> (sizeof(variable) instead of sizeof(type), please.)
> But since this could be used for a dos attack, please change this
> to something similar to 1112ba01.
> If it is easy to avoid it, very short files should not allocate
Switched to calculating the size based on the number of remaining
bytes and returning an error if it doesn't match what is read.
> Carl Eugen
> ffmpeg-devel mailing list
> ffmpeg-devel at ffmpeg.org
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 9375 bytes
Desc: not available
More information about the ffmpeg-devel