Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Contribute to GitLab
Sign in / Register
Toggle navigation
F
ffmpeg.wasm-core
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Linshizhi
ffmpeg.wasm-core
Commits
aff3acc5
Commit
aff3acc5
authored
Sep 25, 2015
by
Paul B Mahol
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
avformat/iff: check for possible overflow in 2nd argument of av_new_packet
Signed-off-by:
Paul B Mahol
<
onemda@gmail.com
>
parent
428424fe
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
4 additions
and
0 deletions
+4
-0
iff.c
libavformat/iff.c
+4
-0
No files found.
libavformat/iff.c
View file @
aff3acc5
...
...
@@ -721,11 +721,15 @@ static int iff_read_packet(AVFormatContext *s,
if
(
st
->
codec
->
codec_tag
==
ID_DSD
||
st
->
codec
->
codec_tag
==
ID_MAUD
)
{
ret
=
av_get_packet
(
pb
,
pkt
,
FFMIN
(
iff
->
body_end
-
pos
,
1024
*
st
->
codec
->
block_align
));
}
else
{
if
(
iff
->
body_size
>
INT_MAX
)
return
AVERROR_INVALIDDATA
;
ret
=
av_get_packet
(
pb
,
pkt
,
iff
->
body_size
);
}
}
else
if
(
st
->
codec
->
codec_type
==
AVMEDIA_TYPE_VIDEO
)
{
uint8_t
*
buf
;
if
(
iff
->
body_size
>
INT_MAX
-
2
)
return
AVERROR_INVALIDDATA
;
if
(
av_new_packet
(
pkt
,
iff
->
body_size
+
2
)
<
0
)
{
return
AVERROR
(
ENOMEM
);
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
Paul B Mahol <onemda@gmail.com>Paul B Mahol <onemda@gmail.com>