Steve Lhomme pushed to branch master at VideoLAN / VLC
Commits:
5983df5c by Steve Lhomme at 2025-08-21T10:24:16+00:00
demux: mp4: add sanity check on duration
The duration is coded on 4 or 8 bytes as unsigned. But it is converted to signed
in the MP4_rescale() which creates bogus computation.
A scaled duration should likely never reach INT64_MAX.
Fixes #29256
- - - - -
8753b281 by Steve Lhomme at 2025-08-21T10:24:16+00:00
demux: mp4: use the p_mvhd::i_duration once
So it's clearer they are all the same value.
- - - - -
1 changed file:
- modules/demux/mp4/mp4.c
Changes:
=====================================
modules/demux/mp4/mp4.c
=====================================
@@ -1130,10 +1130,12 @@ static int Open( vlc_object_t * p_this )
}
p_mvhd = MP4_BoxGet( p_sys->p_moov, "mvhd" );
- if( p_mvhd && BOXDATA(p_mvhd) && BOXDATA(p_mvhd)->i_timescale )
+ if( p_mvhd && BOXDATA(p_mvhd) && BOXDATA(p_mvhd)->i_timescale &&
+ BOXDATA(p_mvhd)->i_duration < INT64_MAX )
{
p_sys->i_timescale = BOXDATA(p_mvhd)->i_timescale;
- p_sys->i_moov_duration = p_sys->i_duration =
BOXDATA(p_mvhd)->i_duration;
+ p_sys->i_moov_duration =
+ p_sys->i_duration =
p_sys->i_cumulated_duration = BOXDATA(p_mvhd)->i_duration;
}
else
View it on GitLab:
https://code.videolan.org/videolan/vlc/-/compare/d92f1d5ea463d08f06f9c3634b2713e7f344fc40...8753b281ba36378ab2803a5419b9c0713b26a389
--
View it on GitLab:
https://code.videolan.org/videolan/vlc/-/compare/d92f1d5ea463d08f06f9c3634b2713e7f344fc40...8753b281ba36378ab2803a5419b9c0713b26a389
You're receiving this email because of your account on code.videolan.org.
VideoLAN code repository instance_______________________________________________
vlc-commits mailing list
vlc-commits@videolan.org
https://mailman.videolan.org/listinfo/vlc-commits
