On Tue, 13 Jul 2021, Derek Buitenhuis wrote:
On 4/1/2021 12:51 PM, Martin Storsjö wrote:
+ } else if (data_type > 1 && data_type != 4) {
+ // data_type can be 0 if not set at all above. data_type 1 means
+ // UTF8 and 4 means "UTF8 sort". For any other type (UTF16 or e.g.
+ // a picture), don't return it blindly in a string that is supposed
+ // to be UTF8 text.
+ av_log(c->fc, AV_LOG_WARNING, "Skipping unhandled metadata %s of type
%d\n", key, data_type);
+ av_free(str);
+ return 0;
Should we add any UTF-8 validation on our end too?
(Ah, here the reply arrived from yesterday)
I guess we could - but I see that as a separate thing to do which could be
applied everywhere where we export metadata.
Here we have a flag that clearly identifies what kind of data it is
(although we only recognize some of them), and if a type is set, which
isn't utf8, we at least should bail out there.
For reference for myself and others, the types are defined here:
https://developer.apple.com/library/archive/documentation/QuickTime/QTFF/Metadata/Metadata.html#//apple_ref/doc/uid/TP40000939-CH1-SW35
So 0 would mean unset/unknown/whatever, where we keep doing what we did
before. But for other values, like utf16, various endian integers, bmps,
whatever, just bail out.
// Martin
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
