[FFmpeg-devel] [PATCH v2 10/11] avformat/dvdvideodec: check the length of a NAV packet when reading titles
Marth64
marth64 at proxyid.net
Mon Sep 23 08:19:40 EEST 2024
Some discs present titles with bogus NAV packets. We apply this check
for menus and for title MPEG blocks, but we should also apply it
for NAV packets during title demuxing.
Signed-off-by: Marth64 <marth64 at proxyid.net>
---
libavformat/dvdvideodec.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/libavformat/dvdvideodec.c b/libavformat/dvdvideodec.c
index 6f947c3927..e1c335f270 100644
--- a/libavformat/dvdvideodec.c
+++ b/libavformat/dvdvideodec.c
@@ -740,6 +740,13 @@ static int dvdvideo_play_next_ps_block(AVFormatContext *s, DVDVideoPlaybackState
return AVERROR_EOF;
}
+ if (nav_len != DVDVIDEO_BLOCK_SIZE) {
+ av_log(s, AV_LOG_ERROR, "Invalid NAV packet size (expected=%d actual=%d)\n",
+ DVDVIDEO_BLOCK_SIZE, nav_len);
+
+ return AVERROR_INVALIDDATA;
+ }
+
e_pci = dvdnav_get_current_nav_pci(state->dvdnav);
e_dsi = dvdnav_get_current_nav_dsi(state->dvdnav);
--
2.39.5 (Apple Git-154)
More information about the ffmpeg-devel
mailing list