[FFmpeg-devel] [PATCH] lavu/avstring: check for overlong encodings
Nicolas George
george at nsup.org
Sat Aug 30 15:06:14 CEST 2014
Le tridi 13 fructidor, an CCXXII, Stefano Sabatini a écrit :
> It is mathematically impossible that the length will be larger than 5.
> Added an assert for that though, alternatively I could add a check.
In ffprobe, the function is used with values coming directly from the file's
metadata: an assert is not acceptable in this case.
Furthermore, the function is capable of decoding the full UTF-8 range, up to
(1<<31)-1, and that takes 6 octets.
Also, I suspect checking for overlong encodings could have a flag just like
the other extraneous checks below.
Regards,
--
Nicolas George
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20140830/d600a6da/attachment.asc>
More information about the ffmpeg-devel
mailing list