[FFmpeg-devel] [PATCH] lafv/wavdec: Fail bext parsing on incomplete reads
Michael Niedermayer
michael at niedermayer.cc
Fri Jul 26 09:37:22 EEST 2019
On Thu, Jul 25, 2019 at 04:09:35PM -0700, Matthew Wolenetz wrote:
>
> wavdec.c | 12 +++++++-----
> 1 file changed, 7 insertions(+), 5 deletions(-)
> 3e8d230a42a4a12aaf1c375f5a064924238992f9 0001-lafv-wavdec-Fail-bext-parsing-on-incomplete-reads.patch
> From 7966786250d9581891e0859f769a63f35a5c2729 Mon Sep 17 00:00:00 2001
> From: Matt Wolenetz <wolenetz at google.com>
> Date: Thu, 25 Jul 2019 15:54:49 -0700
> Subject: [PATCH] lafv/wavdec: Fail bext parsing on incomplete reads
>
> avio_read can successfully return even when less than the requested
> amount of input was read. wavdec's bext parsing mistakenly assumed a
> successful avio_read always read the full amount that was requested.
> The result could be dictionary tags populated with partially
> uninitialized values.
>
> This change also fixes a broken assertion in wav_parse_bext_string that
> was off-by-one, though no known current usage of that method hits that
> broken case.
>
> Chromium bug: 987270
>
> Signed-off-by: Matt Wolenetz <wolenetz at chromium.org>
> ---
> libavformat/wavdec.c | 12 +++++++-----
> 1 file changed, 7 insertions(+), 5 deletions(-)
will apply
thanks
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
It is what and why we do it that matters, not just one of them.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: not available
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20190726/5d726e91/attachment.sig>
More information about the ffmpeg-devel
mailing list