Chiebot-Mirror
/
FFmpeg
mirror of https://github.com/FFmpeg/FFmpeg.git
8
0
Fork 0
Code Issues Projects Releases Wiki Activity

stop parsing if tag size is wrongly < 8 to avoid infinite loop

Browse Source 
Originally committed as revision 15401 to svn://svn.ffmpeg.org/ffmpeg/trunk
pull/126/head
Baptiste Coudurier 17 years ago
parent f2d65a6c8a
commit 4e240985d8
1 changed files with 1 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      libavformat/mov.c

2
libavformat/mov.c
Unescape View File

@ -1379,7 +1379,7 @@ static int mov_read_udta(MOVContext *c, ByteIOContext *pb, MOV_atom_t atom)
uint32_t tag = get_le32(pb);
uint64_t next = url_ftell(pb) + tag_size - 8;
if (next > end) // stop if tag_size is wrong
if (tag_size < 8 || next > end) // stop if tag_size is wrong
break;
switch (tag) {

Write Preview
Loading…
Cancel
Save