[FFmpeg-devel] [PATCH 7/8] avformat/aviobuf: Check for overflow in ffio_read_varlen()
Michael Niedermayer
michael at niedermayer.cc
Sat Dec 19 01:22:07 EET 2020
No testcase
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
---
libavformat/aviobuf.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/libavformat/aviobuf.c b/libavformat/aviobuf.c
index 78cc60b2ae..7730547106 100644
--- a/libavformat/aviobuf.c
+++ b/libavformat/aviobuf.c
@@ -917,6 +917,8 @@ uint64_t ffio_read_varlen(AVIOContext *bc){
do{
tmp = avio_r8(bc);
+ if (val > UINT64_MAX>>7)
+ return AVERROR_INVALIDDATA;
val= (val<<7) + (tmp&127);
}while(tmp&128);
return val;
--
2.17.1
More information about the ffmpeg-devel
mailing list