[FFmpeg-devel] [PATCH] [mov] Avoid OOM for invalid STCO / CO64 constructions.

Dale Curtis dalecurtis at chromium.org
Sat Feb 3 01:42:35 EET 2024


On Fri, Feb 2, 2024 at 3:20 PM Andreas Rheinhardt <
andreas.rheinhardt at outlook.com> wrote:

> Dale Curtis:
> > +    // Clamp allocation size for `chunk_offsets` -- don't throw an
> error for an
> > +    // invalid count since the EOF path doesn't throw either.
> > +    entries =
> > +        FFMIN(entries, FFMIN(atom.size - 8, avio_size(pb) -
> avio_tell(pb)) /
> > +                           (atom.type == MKTAG('s', 't', 'c', 'o') ? 4
> : 8));
> > +
>
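Review bot: the bound `FFMIN(atom.size - 8, avio_size(pb) - avio_tell(pb))` is used without checking that avio_size() succeeded. avio_size() returns a negative error code when the size cannot be determined (for example on a non-seekable input), which makes the second operand negative, so the divided result and the clamped `entries` are no longer a meaningful count. Suggest computing the remaining byte count once into a local variable, falling back to `atom.size - 8` alone when avio_size() returns a negative value, and clamping against that. Because FFMIN is a macro that expands its arguments more than once, the local also avoids the repeated avio_size() and avio_tell() calls.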
> This may call avio_size() and avio_tell() multiple times. Furthermore,
> is it even certain that avio_size() returns a sane value?
>

I hope so since there are other usages of avio_size() throughout the file
in a similar manner. I guess you're saying it may be invalid when
!AVIO_SEEKABLE_NORMAL? Sticking to just atom.size is also fine.


>
> - Andreas
>

