From: Zhang Xiaohui
Hi, I think function mov_read_cmov fails to perform proper bounds
checking on cmov_len, which may lead to invalid memory allocation.
Signed-off-by: Zhang Xiaohui
---
libavformat/mov.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/libavformat/mov.c b/libavformat/mov.
From: Zhang Xiaohui
Hi, I think function mov_read_cmov fails to perform proper bounds
checking on atom.size and cmov_len, which may lead to integer
overflow and invalid memory allocation.
Signed-off-by: Zhang Xiaohui
---
libavformat/mov.c | 4
1 file changed, 4 insertions(+)
diff --git a
