OSDN Git Service
(root)
/
android-x86
/
external-ffmpeg.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
a10f71c
)
omadec: check GEOB sizes against buffer size
author
Michael Niedermayer
<michaelni@gmx.at>
Mon, 16 Apr 2012 11:51:40 +0000
(13:51 +0200)
committer
Michael Niedermayer
<michaelni@gmx.at>
Mon, 16 Apr 2012 11:51:40 +0000
(13:51 +0200)
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
libavformat/omadec.c
patch
|
blob
|
history
diff --git
a/libavformat/omadec.c
b/libavformat/omadec.c
index
4777c13
..
c88d4f4
100644
(file)
--- a/
libavformat/omadec.c
+++ b/
libavformat/omadec.c
@@
-219,6
+219,10
@@
static int decrypt_init(AVFormatContext *s, ID3v2ExtraMeta *em, uint8_t *header)
av_log(s, AV_LOG_ERROR, "Invalid encryption header\n");
return -1;
}
+ if (oc->k_size + oc->e_size + oc->i_size > geob->datasize) {
+ av_log(s, AV_LOG_ERROR, "Too little GEOB data\n");
+ return AVERROR_INVALIDDATA;
+ }
oc->rid = AV_RB32(&gdata[OMA_ENC_HEADER_SIZE + 28]);
av_log(s, AV_LOG_DEBUG, "RID: %.8x\n", oc->rid);
OSDN Git Service
