[FFmpeg-devel] [PATCH 4/5] avformat/webmdashenc: Don't segfault on invalid arguments
Andreas Rheinhardt
andreas.rheinhardt at gmail.com
Mon May 18 06:30:32 EEST 2020
The current parsing process for adaptation_sets does not guarantee
every adaptation set to contain at least one stream, because the loop
exits immediately as soon as the end of the string has been reached,
without checking whether the currently active adaptation set group is
lacking a stream. This would lead to segfaults lateron as the rest of
the code presumed that every adaptation set contains a stream. This
commit fixes this by erroring out when the last adaptation set group
is incomplete.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt at gmail.com>
---
libavformat/webmdashenc.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/libavformat/webmdashenc.c b/libavformat/webmdashenc.c
index fd07b3e34a..3101e0a039 100644
--- a/libavformat/webmdashenc.c
+++ b/libavformat/webmdashenc.c
@@ -437,8 +437,13 @@ static int parse_adaptation_sets(AVFormatContext *s)
}
// syntax id=0,streams=0,1,2 id=1,streams=3,4 and so on
state = new_set;
- while (p < w->adaptation_sets + strlen(w->adaptation_sets)) {
- if (state == new_set && *p == ' ') {
+ while (1) {
+ if (*p == '\0') {
+ if (state == new_set)
+ break;
+ else
+ return AVERROR(EINVAL);
+ } else if (state == new_set && *p == ' ') {
p++;
continue;
} else if (state == new_set && !strncmp(p, "id=", 3)) {
--
2.20.1
More information about the ffmpeg-devel
mailing list