ffmpeg | branch: master | Michael Niedermayer <mich...@niedermayer.cc> | Thu May 23 01:43:42 2024 +0200| [2f04cb673cb394b6e1cda160af8faa733b62bae2] | committer: Michael Niedermayer
avformat/ac4dec: Check remaining space in ac4_probe() Fixes: CID1538298 Untrusted loop bound Fixes: undefined behavior Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=2f04cb673cb394b6e1cda160af8faa733b62bae2 --- libavformat/ac4dec.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/libavformat/ac4dec.c b/libavformat/ac4dec.c index f647f557cc..dc6638de3a 100644 --- a/libavformat/ac4dec.c +++ b/libavformat/ac4dec.c @@ -43,6 +43,8 @@ static int ac4_probe(const AVProbeData *p) size += 4; if (buf[1] == 0x41) size += 2; + if (left < size) + break; max_frames++; left -= size; buf += size; _______________________________________________ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog To unsubscribe, visit link above, or email ffmpeg-cvslog-requ...@ffmpeg.org with subject "unsubscribe".
