Skip to content

F
ffmpeg.wasm-core
Commit a3ede6b7 authored by Andreas Cadhalpun's avatar Andreas Cadhalpun
Browse files
Options

cafdec: check avio_read return value 

If avio_read fails, the buffer can contain uninitialized values.
Reviewed-by: 's avatarCarl Eugen Hoyos <cehoyos@ag.or.at>
Signed-off-by: 's avatarAndreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
parent 81cf9108
Hide whitespace changes
Inline Side-by-side
Showing with 14 additions and 3 deletions
libavformat/cafdec.c
View file @ a3ede6b7
......@@ -129,7 +129,10 @@ static int read_kuki_chunk(AVFormatContext *s, int64_t size)
avio_skip(pb, size);
return AVERROR_INVALIDDATA;
}
avio_read(pb, preamble, ALAC_PREAMBLE);
if (avio_read(pb, preamble, ALAC_PREAMBLE) != ALAC_PREAMBLE) {
av_log(s, AV_LOG_ERROR, "failed to read preamble\n");
return AVERROR_INVALIDDATA;
}
if (ff_alloc_extradata(st->codec, ALAC_HEADER))
return AVERROR(ENOMEM);
......@@ -144,14 +147,22 @@ static int read_kuki_chunk(AVFormatContext *s, int64_t size)
av_freep(&st->codec->extradata);
return AVERROR_INVALIDDATA;
}
avio_read(pb, st->codec->extradata, ALAC_HEADER);
if (avio_read(pb, st->codec->extradata, ALAC_HEADER) != ALAC_HEADER) {
av_log(s, AV_LOG_ERROR, "failed to read kuki header\n");
av_freep(&st->codec->extradata);
return AVERROR_INVALIDDATA;
}
avio_skip(pb, size - ALAC_PREAMBLE - ALAC_HEADER);
} else {
AV_WB32(st->codec->extradata, 36);
memcpy(&st->codec->extradata[4], "alac", 4);
AV_WB32(&st->codec->extradata[8], 0);
memcpy(&st->codec->extradata[12], preamble, 12);
avio_read(pb, &st->codec->extradata[24], ALAC_NEW_KUKI - 12);
if (avio_read(pb, &st->codec->extradata[24], ALAC_NEW_KUKI - 12) != ALAC_NEW_KUKI - 12) {
av_log(s, AV_LOG_ERROR, "failed to read new kuki header\n");
av_freep(&st->codec->extradata);
return AVERROR_INVALIDDATA;
}
avio_skip(pb, size - ALAC_NEW_KUKI);
}
} else {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment