On 12/02/15 16:40, Anton Khirnov wrote: > Quoting Luca Barbato (2015-02-07 14:14:54) >> Bug-Id: CID 1258461 >> CC: [email protected] >> --- >> libavformat/siff.c | 2 ++ >> 1 file changed, 2 insertions(+) >> >> diff --git a/libavformat/siff.c b/libavformat/siff.c >> index cf71514..79bfe7e 100644 >> --- a/libavformat/siff.c >> +++ b/libavformat/siff.c >> @@ -202,6 +202,8 @@ static int siff_read_packet(AVFormatContext *s, AVPacket >> *pkt) >> avio_read(s->pb, c->gmc, c->gmcsize); >> c->sndsize = (c->flags & VB_HAS_AUDIO) ? avio_rl32(s->pb) : 0; >> c->curstrm = !!(c->flags & VB_HAS_AUDIO); >> + if (c->pktsize < c->sndsize || c->sndsize < 4) >> + return AVERROR_INVALIDDATA; > > Only when audio is present. >
Obviously ... _______________________________________________ libav-devel mailing list [email protected] https://lists.libav.org/mailman/listinfo/libav-devel
