The current parsing process for adaptation_sets does not guarantee
every adaptation set to contain at least one stream, because the loop
exits immediately as soon as the end of the string has been reached,
without checking whether the currently active adaptation set group is
lacking a stream. This would lead to segfaults lateron as the rest of
the code presumed that every adaptation set contains a stream. This
commit fixes this by erroring out when the last adaptation set group
is incomplete.
Signed-off-by: Andreas Rheinhardt <andreas.rheinha...@gmail.com>
---
libavformat/webmdashenc.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/libavformat/webmdashenc.c b/libavformat/webmdashenc.c
index fd07b3e34a..3101e0a039 100644
--- a/libavformat/webmdashenc.c
+++ b/libavformat/webmdashenc.c
@@ -437,8 +437,13 @@ static int parse_adaptation_sets(AVFormatContext *s)
}
// syntax id=0,streams=0,1,2 id=1,streams=3,4 and so on
state = new_set;
- while (p < w->adaptation_sets + strlen(w->adaptation_sets)) {
- if (state == new_set && *p == ' ') {
+ while (1) {
+ if (*p == '\0') {
+ if (state == new_set)
+ break;
+ else
+ return AVERROR(EINVAL);
+ } else if (state == new_set && *p == ' ') {
p++;
continue;
} else if (state == new_set && !strncmp(p, "id=", 3)) {
--
2.20.1
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
