PR #22503 opened by Kenaz123 URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/22503 Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/22503.patch
Fix #22419. Truncated or malformed RSD inputs could leave part of the extradata buffer uninitialized because short reads were not rejected. This change requires each coefficient-table read to return the full 32 bytes and fails with `AVERROR_INVALIDDATA` otherwise. >From 197d68dd00e357c337f05451beeb12759f77bad9 Mon Sep 17 00:00:00 2001 From: Weidong Wang <[email protected]> Date: Sat, 14 Mar 2026 13:18:41 -0500 Subject: [PATCH] avformat/rsd: check ADPCM_THP extradata reads --- libavformat/rsd.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/libavformat/rsd.c b/libavformat/rsd.c index b9098646f6..f1feb70bac 100644 --- a/libavformat/rsd.c +++ b/libavformat/rsd.c @@ -133,7 +133,9 @@ static int rsd_read_header(AVFormatContext *s) for (i = 0; i < par->ch_layout.nb_channels; i++) { if (avio_feof(pb)) return AVERROR_EOF; - avio_read(s->pb, st->codecpar->extradata + 32 * i, 32); + ret = avio_read(s->pb, st->codecpar->extradata + 32 * i, 32); + if (ret != 32) + return AVERROR_INVALIDDATA; avio_skip(s->pb, 8); } break; -- 2.52.0 _______________________________________________ ffmpeg-devel mailing list -- [email protected] To unsubscribe send an email to [email protected]
