[FFmpeg-devel] [PATCH 2/2] mov: Don't export unknown/unhandled metadata types as if they were UTF8
Martin Storsjö
martin at martin.st
Wed Jul 14 15:32:40 EEST 2021
On Tue, 13 Jul 2021, Derek Buitenhuis wrote:
> On 4/1/2021 12:51 PM, Martin Storsjö wrote:
>> + } else if (data_type > 1 && data_type != 4) {
>> + // data_type can be 0 if not set at all above. data_type 1 means
>> + // UTF8 and 4 means "UTF8 sort". For any other type (UTF16 or e.g.
>> + // a picture), don't return it blindly in a string that is supposed
>> + // to be UTF8 text.
>> + av_log(c->fc, AV_LOG_WARNING, "Skipping unhandled metadata %s of type %d\n", key, data_type);
>> + av_free(str);
>> + return 0;
>
> Should we add any UTF-8 validation on our end too?
(Ah, here the reply arrived from yesterday)
I guess we could - but I see that as a separate thing to do which could be
applied everywhere where we export metadata.
Here we have a flag that clearly identifies what kind of data it is
(although we only recognize some of them), and if a type is set, which
isn't utf8, we at least should bail out there.
For reference for myself and others, the types are defined here:
https://developer.apple.com/library/archive/documentation/QuickTime/QTFF/Metadata/Metadata.html#//apple_ref/doc/uid/TP40000939-CH1-SW35
So 0 would mean unset/unknown/whatever, where we keep doing what we did
before. But for other values, like utf16, various endian integers, bmps,
whatever, just bail out.
// Martin
More information about the ffmpeg-devel
mailing list