This is an automated email from the git hooks/post-receive script.
Git pushed a commit to branch master
in repository ffmpeg.
The following commit(s) were added to refs/heads/master by this push:
new 6049b4d7bc avformat/rtspdec: bound Content-Length in the ANNOUNCE
handler to SDP_MAX_SIZE
6049b4d7bc is described below
commit 6049b4d7bc2be61cc91a1c412382b169697ca3c9
Author: Michael Niedermayer <[email protected]>
AuthorDate: Tue May 19 09:40:41 2026 +0200
Commit: michaelni <[email protected]>
CommitDate: Sat Jun 13 21:31:18 2026 +0000
avformat/rtspdec: bound Content-Length in the ANNOUNCE handler to
SDP_MAX_SIZE
Reported by Franciszek Kalinowski (isec.pl / striga.ai) and Bartosz
Smigielski.
---
libavformat/rtspdec.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavformat/rtspdec.c b/libavformat/rtspdec.c
index e0bdf9d4ac..4f970d4c89 100644
--- a/libavformat/rtspdec.c
+++ b/libavformat/rtspdec.c
@@ -191,7 +191,7 @@ static int rtsp_read_announce(AVFormatContext *s)
rtsp_send_reply(s, RTSP_STATUS_SERVICE, NULL, request.seq);
return AVERROR_OPTION_NOT_FOUND;
}
- if (request.content_length > 0) {
+ if (request.content_length > 0 && request.content_length <= SDP_MAX_SIZE) {
sdp = av_malloc(request.content_length + 1);
if (!sdp)
return AVERROR(ENOMEM);
_______________________________________________
ffmpeg-cvslog mailing list -- [email protected]
To unsubscribe send an email to [email protected]
