On 11/8/2024 8:45 PM, James Almer wrote:
Pointers to specific entries in the array are stored in other structs, so in the scenario where heif_item was reallocated when parsing an iloc box after and iinf one, the pointers may end up referencing freed memory.Fixes use-after-free with such samples. Signed-off-by: James Almer <jamr...@gmail.com> --- libavformat/isom.h | 2 +- libavformat/mov.c | 75 ++++++++++++++++++++++++++++++---------------- 2 files changed, 51 insertions(+), 26 deletions(-)
Will apply.
OpenPGP_signature.asc
Description: OpenPGP digital signature
_______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
