[FFmpeg-devel] [PATCH 1/2] avformat/mov: Check extradata in mov_read_iacb()
Michael Niedermayer
michael at niedermayer.cc
Fri Jul 19 11:10:36 EEST 2024
On Thu, Jul 18, 2024 at 07:19:17PM -0300, James Almer wrote:
> On 7/18/2024 7:16 PM, Michael Niedermayer wrote:
> > Fixes: MemLeak
> > Fixes: 69853/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-4660448545275904
> >
> > Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> > Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> > ---
> > libavformat/mov.c | 2 ++
> > 1 file changed, 2 insertions(+)
> >
> > diff --git a/libavformat/mov.c b/libavformat/mov.c
> > index ce95842ce58..82fce7ef5c1 100644
> > --- a/libavformat/mov.c
> > +++ b/libavformat/mov.c
> > @@ -897,6 +897,8 @@ static int mov_read_iacb(MOVContext *c, AVIOContext *pb, MOVAtom atom)
> > st = c->fc->streams[c->fc->nb_streams - 1];
> > sc = st->priv_data;
> > + if (st->codecpar->extradata)
> > + return AVERROR_INVALIDDATA;
>
> Maybe it's better to do like other atoms where we ignore duplicate entries
> (See mov_read_glbl(), used for h264/hevc/etc).
IIRC its a mix of mov_read_iacb() and mov_read_stsd() both setting extradata
i can certainly do a "return 0" with some warning if you prefer that
thx
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
"Nothing to hide" only works if the folks in power share the values of
you and everyone you know entirely and always will -- Tom Scott
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20240719/ebf7d1ff/attachment.sig>
More information about the ffmpeg-devel
mailing list