[FFmpeg-devel] [PATCH] [mov] Avoid OOM for invalid STCO / CO64 constructions.
Dale Curtis
dalecurtis at chromium.org
Sat Feb 3 01:09:37 EET 2024
The `entries` value is read directly from the stream and used to
allocate memory. This change clamps `entries` to however many are
possible in the remaining atom or file size (whichever is smallest).
Fixes https://crbug.com/1429357
Signed-off-by: Dale Curtis <dalecurtis at chromium.org>
---
libavformat/mov.c | 7 +++++++
1 file changed, 7 insertions(+)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: stco-clamp-entries.patch
Type: application/octet-stream
Size: 1402 bytes
Desc: not available
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20240202/99add7a8/attachment.obj>
More information about the ffmpeg-devel
mailing list