[FFmpeg-devel] [PATCH 2/8] avcodec/samidec: do not overread if zero padding is missing
Marton Balint
cus at passwd.hu
Sat Mar 13 23:33:39 EET 2021
Signed-off-by: Marton Balint <cus at passwd.hu>
---
libavcodec/samidec.c | 9 ++++-----
1 file changed, 4 insertions(+), 5 deletions(-)
diff --git a/libavcodec/samidec.c b/libavcodec/samidec.c
index e32f238c62..f03b5db958 100644
--- a/libavcodec/samidec.c
+++ b/libavcodec/samidec.c
@@ -38,12 +38,12 @@ typedef struct {
int readorder;
} SAMIContext;
-static int sami_paragraph_to_ass(AVCodecContext *avctx, const char *src)
+static int sami_paragraph_to_ass(AVCodecContext *avctx, const char *src, size_t size)
{
SAMIContext *sami = avctx->priv_data;
int ret = 0;
char *tag = NULL;
- char *dupsrc = av_strdup(src);
+ char *dupsrc = av_strndup(src, size);
char *p = dupsrc;
AVBPrint *dst_content = &sami->encoded_content;
AVBPrint *dst_source = &sami->encoded_source;
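Review bot: The new `size` parameter of `sami_paragraph_to_ass` is undocumented, although it changes what callers must guarantee about `src`. A comment above the signature would record this, for example `/* src need not be NUL-terminated; at most size bytes are read from it */`. It could also say that the parser works on the NUL-terminated copy in `dupsrc`, so input after an embedded NUL byte is ignored. `av_strndup` returns NULL on allocation failure and `p = dupsrc` follows immediately; the function body continues past this hunk, so confirm that the `!dupsrc` check is still the first statement after the declarations.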
@@ -135,11 +135,10 @@ static int sami_decode_frame(AVCodecContext *avctx,
void *data, int *got_sub_ptr, AVPacket *avpkt)
{
AVSubtitle *sub = data;
- const char *ptr = avpkt->data;
SAMIContext *sami = avctx->priv_data;
- if (ptr && avpkt->size > 0) {
- int ret = sami_paragraph_to_ass(avctx, ptr);
+ if (avpkt->data && avpkt->size > 0) {
+ int ret = sami_paragraph_to_ass(avctx, avpkt->data, avpkt->size);
if (ret < 0)
return ret;
// TODO: pass escaped sami->encoded_source.str as source
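Review bot: The call `sami_paragraph_to_ass(avctx, avpkt->data, avpkt->size)` converts the `int` packet size to `size_t` implicitly, and that is only safe because `avpkt->size > 0` is tested in the same condition. A negative size reaching this call would become a huge length and bring back the over-read this patch removes. I would add a comment on the call such as `// size > 0 was checked above, so the conversion to size_t cannot wrap`, so that a later refactor does not separate the guard from the call. The body of `sami_decode_frame` continues outside the hunk.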
--
2.26.2