wrapper/FFmpeg
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

avcodec/utils: add some saftey checks to add_metadata_from_side_data()

Browse source 
This fixes potential overreads with crafted files.

Found-by: wm4
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 838f461b07)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
This commit is contained in:
Michael Niedermayer 2013-10-19 17:52:47 +02:00
parent 72f1907c96
commit fce2cfbdcf
1 changed files with 8 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

9
libavcodec/utils.c
View file

@ -1899,10 +1899,17 @@ static int add_metadata_from_side_data(AVCodecContext *avctx, AVFrame *frame)
if (!side_metadata)
goto end;
end = side_metadata + size;
if (size && end[-1])
return AVERROR_INVALIDDATA;
while (side_metadata < end) {
const uint8_t *key = side_metadata;
const uint8_t *val = side_metadata + strlen(key) + 1;
int ret = av_dict_set(avpriv_frame_get_metadatap(frame), key, val, 0);
int ret;
if (val >= end)
return AVERROR_INVALIDDATA;
ret = av_dict_set(avpriv_frame_get_metadatap(frame), key, val, 0);
if (ret < 0)
break;
side_metadata = val + strlen(val) + 1;