The pointer arguments to memcpy (and several other functions of the
C standard library) are not allowed to be NULL, not even when the number
of bytes to copy is zero. An AVEncryptionInitInfo's data pointer is
explicitly allowed to be NULL and yet av_encryption_init_info_add_side_data
unconditionally used it as a source pointer to copy from. This commit changes
this so that copying is only done if the number of bytes to copy is > 0.
Fixes ticket #8141 as well as a part of ticket #8150.
Signed-off-by: Andreas Rheinhardt <andreas.rheinha...@gmail.com>
---
This is a slightly improved version (see the code). Furthermore, a typo
in the commit message has been fixed.
libavutil/encryption_info.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/libavutil/encryption_info.c b/libavutil/encryption_info.c
index 812c704776..dd3fa71a44 100644
--- a/libavutil/encryption_info.c
+++ b/libavutil/encryption_info.c
@@ -331,8 +331,10 @@ uint8_t *av_encryption_init_info_add_side_data(const
AVEncryptionInitInfo *info,
memcpy(cur_buffer, cur_info->key_ids[i], cur_info->key_id_size);
cur_buffer += cur_info->key_id_size;
}
- memcpy(cur_buffer, cur_info->data, cur_info->data_size);
- cur_buffer += cur_info->data_size;
+ if (cur_info->data_size > 0) {
+ memcpy(cur_buffer, cur_info->data, cur_info->data_size);
+ cur_buffer += cur_info->data_size;
+ }
}
return buffer;
--
2.20.1
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
