Mercurial > libavformat.hg

changeset 2547:92bf4673d050 libavformat

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
stop parsing udta if size is wrong/garbage, fix issue 154, fix RQ004F14.MOV
author bcoudurier
date Wed, 12 Sep 2007 10:18:01 +0000
parents 015aa98f3f12
children 276257e703af
files mov.c
diffstat 1 files changed, 3 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/mov.c	Tue Sep 11 23:46:46 2007 +0000
+++ b/mov.c	Wed Sep 12 10:18:01 2007 +0000
@@ -1060,6 +1060,9 @@
         uint32_t tag      = get_le32(pb);
         uint64_t next     = url_ftell(pb) + tag_size - 8;
 
+        if (next > end) // stop if tag_size is wrong
+            break;
+
         switch (tag) {
         case MKTAG(0xa9,'n','a','m'):
             mov_parse_udta_string(pb, c->fc->title,     sizeof(c->fc->title));