This is an automated email from the git hooks/post-receive script. Git pushed a commit to branch release/7.1 in repository ffmpeg.
commit 2dd97b8d0b2c32e4abc8699ee807769c24e8e058 Author: Michael Niedermayer <[email protected]> AuthorDate: Tue May 19 09:40:41 2026 +0200 Commit: Michael Niedermayer <[email protected]> CommitDate: Thu Jun 18 20:31:03 2026 +0200 avformat/rtspdec: bound Content-Length in the ANNOUNCE handler to SDP_MAX_SIZE Reported by Franciszek Kalinowski (isec.pl / striga.ai) and Bartosz Smigielski. (cherry picked from commit 6049b4d7bc2be61cc91a1c412382b169697ca3c9) Signed-off-by: Michael Niedermayer <[email protected]> --- libavformat/rtspdec.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libavformat/rtspdec.c b/libavformat/rtspdec.c index e85ade0542..4a39c66dac 100644 --- a/libavformat/rtspdec.c +++ b/libavformat/rtspdec.c @@ -190,7 +190,7 @@ static int rtsp_read_announce(AVFormatContext *s) rtsp_send_reply(s, RTSP_STATUS_SERVICE, NULL, request.seq); return AVERROR_OPTION_NOT_FOUND; } - if (request.content_length > 0) { + if (request.content_length > 0 && request.content_length <= SDP_MAX_SIZE) { sdp = av_malloc(request.content_length + 1); if (!sdp) return AVERROR(ENOMEM); _______________________________________________ ffmpeg-cvslog mailing list -- [email protected] To unsubscribe send an email to [email protected]
