ffmpeg | branch: master | erankor <eran.kornb...@kaltura.com> | Wed Jun 13 11:48:20 2018 +0300| [ee09ffbfd2f744e796d6289523f396d830c025a3] | committer: Michael Niedermayer
qt-faststart: add validation on ftyp atom size avoid trying to allocate an unreasonably sized buffer on corrupt files
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=ee09ffbfd2f744e796d6289523f396d830c025a3
---
 tools/qt-faststart.c | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/tools/qt-faststart.c b/tools/qt-faststart.c
index d0ae7245f3..9446c11f80 100644
--- a/tools/qt-faststart.c
+++ b/tools/qt-faststart.c
@@ -84,6 +84,7 @@
 #define ATOM_PREAMBLE_SIZE 8
 #define COPY_BUFFER_SIZE 33554432
+#define MAX_FTYP_ATOM_SIZE 1048576
 int main(int argc, char *argv[])
 {
@@ -133,6 +134,11 @@ int main(int argc, char *argv[])
 /* keep ftyp atom */
 if (atom_type == FTYP_ATOM) {
+ if (atom_size > MAX_FTYP_ATOM_SIZE) {
+ printf("ftyp atom size %"PRIu64" too big\n",
+ atom_size);
+ goto error_out;
+ }
 ftyp_atom_size = atom_size;
 free(ftyp_atom);
 ftyp_atom = malloc(ftyp_atom_size);
_______________________________________________ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
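Review bot: The new guard in the `FTYP_ATOM` branch bounds `atom_size` only from above, so a corrupt file that declares an ftyp atom smaller than the 8-byte preamble (`ATOM_PREAMBLE_SIZE`) still reaches `malloc(ftyp_atom_size)`, including a zero-byte request whose result is implementation-defined. Checking both ends in one place would make the validation complete: `if (atom_size < ATOM_PREAMBLE_SIZE || atom_size > MAX_FTYP_ATOM_SIZE) {`, with the message reworded from "too big" to something like "invalid". Whether the code after the allocation already copes with an undersized atom cannot be seen here, because main()'s body continues outside the hunk. The `MAX_FTYP_ATOM_SIZE` define in the first hunk would also read better with a short comment giving the rationale, e.g. `/* 1 MiB; a larger ftyp atom is treated as corruption */`.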