Commit ab82b778 authored by Carl Eugen Hoyos's avatar Carl Eugen Hoyos

Fix possible NULL-pointer dereference when decoding mov files.

Fixes CID743440, introduced in 850e5c04.
parent dab19048
...@@ -1384,6 +1384,7 @@ int ff_mov_read_stsd_entries(MOVContext *c, AVIOContext *pb, int entries) ...@@ -1384,6 +1384,7 @@ int ff_mov_read_stsd_entries(MOVContext *c, AVIOContext *pb, int entries)
} else if (st->codec->codec_type==AVMEDIA_TYPE_AUDIO) { } else if (st->codec->codec_type==AVMEDIA_TYPE_AUDIO) {
int bits_per_sample, flags; int bits_per_sample, flags;
uint16_t version = avio_rb16(pb); uint16_t version = avio_rb16(pb);
AVDictionaryEntry *compatible_brands = av_dict_get(c->fc->metadata, "compatible_brands", NULL, AV_DICT_MATCH_CASE);
st->codec->codec_id = id; st->codec->codec_id = id;
avio_rb16(pb); /* revision level */ avio_rb16(pb); /* revision level */
...@@ -1401,7 +1402,7 @@ int ff_mov_read_stsd_entries(MOVContext *c, AVIOContext *pb, int entries) ...@@ -1401,7 +1402,7 @@ int ff_mov_read_stsd_entries(MOVContext *c, AVIOContext *pb, int entries)
//Read QT version 1 fields. In version 0 these do not exist. //Read QT version 1 fields. In version 0 these do not exist.
av_dlog(c->fc, "version =%d, isom =%d\n",version,c->isom); av_dlog(c->fc, "version =%d, isom =%d\n",version,c->isom);
if (!c->isom || if (!c->isom ||
strstr(av_dict_get(c->fc->metadata, "compatible_brands", NULL, AV_DICT_MATCH_CASE)->value, "qt ")) { (compatible_brands && strstr(compatible_brands->value, "qt "))) {
if (version==1) { if (version==1) {
sc->samples_per_frame = avio_rb32(pb); sc->samples_per_frame = avio_rb32(pb);
avio_rb32(pb); /* bytes per packet */ avio_rb32(pb); /* bytes per packet */
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment