Friendly ping. I'd like to not have to land this in Chromium before upstream ffmpeg, but I may need to soon.
On Tue, Mar 6, 2018 at 1:56 PM, Michael Niedermayer <mich...@niedermayer.cc> wrote: > Fixes: Chromium bug 800123 > Reported-by: Matt Wolenetz <wolen...@google.com> > Reviewed-by: Matt Wolenetz <wolen...@google.com> > Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> > --- > libavformat/oggparsevorbis.c | 4 ++++ > 1 file changed, 4 insertions(+) > > diff --git a/libavformat/oggparsevorbis.c b/libavformat/oggparsevorbis.c > index 29b1ab514e..bcfd246b8d 100644 > --- a/libavformat/oggparsevorbis.c > +++ b/libavformat/oggparsevorbis.c > @@ -230,6 +230,10 @@ static int fixup_vorbis_headers(AVFormatContext *as, > > len = priv->len[0] + priv->len[1] + priv->len[2]; > buf_len = len + len / 255 + 64; > + > + if (*buf) > + return AVERROR_INVALIDDATA; > + > ptr = *buf = av_realloc(NULL, buf_len); > if (!ptr) > return AVERROR(ENOMEM); > -- > 2.16.2 > > _______________________________________________ > ffmpeg-devel mailing list > ffmpeg-devel@ffmpeg.org > http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
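Review bot: the new `if (*buf)` check in fixup_vorbis_headers() has no comment, and the commit message gives only the Chromium bug number, so the patch does not say why a non-NULL `*buf` is invalid input. From the visible context, the line right after the check, `ptr = *buf = av_realloc(NULL, buf_len);`, always allocates a fresh buffer and overwrites `*buf`, so a pointer already stored there would be lost without being freed. A one-line comment stating that, plus a sentence in the commit message on how the function comes to be entered with `*buf` already set, would document the fix. The check also does not depend on `len` or `buf_len`, so it could be moved ahead of those two computations to return before any work is done.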