OSDN Git Service
(root)
/
android-x86
/
external-ffmpeg.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
c495f4f
)
avformat/mxfdec: Check size to avoid integer overflow in mxf_read_utf16_string()
author
Michael Niedermayer
<michael@niedermayer.cc>
Fri, 21 Oct 2016 17:45:21 +0000
(19:45 +0200)
committer
Michael Niedermayer
<michael@niedermayer.cc>
Fri, 21 Oct 2016 18:06:29 +0000
(20:06 +0200)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
libavformat/mxfdec.c
patch
|
blob
|
history
diff --git
a/libavformat/mxfdec.c
b/libavformat/mxfdec.c
index
cdb5c4e
..
d2166ee
100644
(file)
--- a/
libavformat/mxfdec.c
+++ b/
libavformat/mxfdec.c
@@
-717,7
+717,7
@@
static inline int mxf_read_utf16_string(AVIOContext *pb, int size, char** str, i
int ret;
size_t buf_size;
- if (size < 0)
+ if (size < 0
|| size > INT_MAX/2
)
return AVERROR(EINVAL);
buf_size = size + size / 2 + 1;