From patchwork Wed Feb 15 16:29:03 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vittorio Giovara X-Patchwork-Id: 2564 Delivered-To: ffmpegpatchwork@gmail.com Received: by 10.103.89.21 with SMTP id n21csp2044651vsb; Wed, 15 Feb 2017 08:34:55 -0800 (PST) X-Received: by 10.28.7.10 with SMTP id 10mr2896085wmh.55.1487176494956; Wed, 15 Feb 2017 08:34:54 -0800 (PST) Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id z96si5696597wrb.48.2017.02.15.08.34.52; Wed, 15 Feb 2017 08:34:54 -0800 (PST) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@gmail.com; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=gmail.com Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id BB69A689A75; Wed, 15 Feb 2017 18:34:44 +0200 (EET) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from mail-qk0-f196.google.com (mail-qk0-f196.google.com [209.85.220.196]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 71C0468077C for ; Wed, 15 Feb 2017 18:34:38 +0200 (EET) Received: by mail-qk0-f196.google.com with SMTP id u25so24006425qki.2 for ; Wed, 15 Feb 2017 08:34:44 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:subject:date:message-id:in-reply-to:references; bh=v8GdPXAL9QnCHJXl4QJxoJcSjf2sguDVIRyuaRCMzUA=; b=OiIXyM7ota86p2Vs7AgHNt/E9gKmDQWAisS0Es+9Zc0nlu84Nzvwvg0qSAnqWW0Upn Oq8n4TeY0wrI3xST+jwxDJ4HbkbSI9U8LAiLKcM8TNK5TdDMTarweNo6yWxqjk0cddn1 UbBaNE6dUMcaeektsnwVqyoeljpUESEJxul32/poXhZ6TfCkrwbm2IN+HgiT/DYNqEBF 6uVHbaBE9ebmYmH7SUPe/QtowFArP9uxNzplh7OOTm+E4vQwQPDpJ97m8O1cEYVX2zGE xCAmppKGDfxx71ag4w2fo2mb39bE+NzY91jopfcrpd3x8xv1Gz0mNbmW2CIMOMCBofBH jDKw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references; bh=v8GdPXAL9QnCHJXl4QJxoJcSjf2sguDVIRyuaRCMzUA=; b=ayJzRxmwr8MLzt1l6pn16wQ6l4mFfRThoSw/BI+2+Xjw1GBDqJ+pm4olctBNmceard DKee/xU77DhhFCCSDWmyRv4zaWVZfeLkQZZRgCbU/OGL1s5kiudDWWqWQQ7LVhD357r7 HaByVZEHl1rFHt4hxU7ygX1YP5yymxtXTKZs0G967C4BN5NAeIOFNbYr88yN1raoRDO6 YnCppp4MwrdZT23xNfMjSP/jNNa+BgcpnFghL1qJ7Cqnph7MpZFE5UMyBPMbJxTiNZej CySdvRxlTc7uBwxwUPipuu3DxUl4O7RmIzmP8mV/vajkvsCg4vCkqqu5wFUxvn4OTWjF Lq9Q== X-Gm-Message-State: AMke39myX5uS4xLQ95vliIfZi2C9IKf9UATavR70yekYffqK3DfjZoQ132nxKAG2LhJnOw== X-Received: by 10.55.201.218 with SMTP id m87mr9632668qkl.176.1487176147454; Wed, 15 Feb 2017 08:29:07 -0800 (PST) Received: from vimacbookpro.vimeows.com (nyv-exweb.iac.com. [216.112.252.10]) by smtp.gmail.com with ESMTPSA id s20sm2583735qtc.39.2017.02.15.08.29.06 for (version=TLS1 cipher=AES128-SHA bits=128/128); Wed, 15 Feb 2017 08:29:06 -0800 (PST) From: Vittorio Giovara To: ffmpeg-devel@ffmpeg.org Date: Wed, 15 Feb 2017 11:29:03 -0500 Message-Id: <20170215162903.36087-4-vittorio.giovara@gmail.com> X-Mailer: git-send-email 2.10.0 In-Reply-To: <20170215162903.36087-1-vittorio.giovara@gmail.com> References: <20170215162903.36087-1-vittorio.giovara@gmail.com> Subject: [FFmpeg-devel] [PATCH 4/4] mov: Validate spherical metadata version X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches MIME-Version: 1.0 Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" --- As suggested by James. Please CC. Vittorio libavformat/mov.c | 26 ++++++++++++++++++++++---- 1 file changed, 22 insertions(+), 4 deletions(-) diff --git a/libavformat/mov.c b/libavformat/mov.c index a1774b3..2efd51e 100644 --- a/libavformat/mov.c +++ b/libavformat/mov.c @@ -4623,7 +4623,7 @@ static int mov_read_sv3d(MOVContext *c, AVIOContext *pb, MOVAtom atom) { AVStream *st; MOVStreamContext *sc; - int size; + int size, version; int32_t yaw, pitch, roll; size_t l, t, r, b; size_t padding = 0; @@ -4650,7 +4650,13 @@ static int mov_read_sv3d(MOVContext *c, AVIOContext *pb, MOVAtom atom) av_log(c->fc, AV_LOG_ERROR, "Missing spherical video header\n"); return 0; } - avio_skip(pb, 4); /* version + flags */ + version = avio_r8(pb); + if (version != 0) { + av_log(c->fc, AV_LOG_WARNING, "Unknown spherical version %d\n", + version); + return 0; + } + avio_skip(pb, 3); /* flags */ avio_skip(pb, size - 12); /* metadata_source */ size = avio_rb32(pb); @@ -4672,7 +4678,13 @@ static int mov_read_sv3d(MOVContext *c, AVIOContext *pb, MOVAtom atom) av_log(c->fc, AV_LOG_ERROR, "Missing projection header box\n"); return 0; } - avio_skip(pb, 4); /* version + flags */ + version = avio_r8(pb); + if (version != 0) { + av_log(c->fc, AV_LOG_WARNING, "Unknown spherical version %d\n", + version); + return 0; + } + avio_skip(pb, 3); /* flags */ /* 16.16 fixed point */ yaw = avio_rb32(pb); @@ -4684,7 +4696,13 @@ static int mov_read_sv3d(MOVContext *c, AVIOContext *pb, MOVAtom atom) return AVERROR_INVALIDDATA; tag = avio_rl32(pb); - avio_skip(pb, 4); /* version + flags */ + version = avio_r8(pb); + if (version != 0) { + av_log(c->fc, AV_LOG_WARNING, "Unknown spherical version %d\n", + version); + return 0; + } + avio_skip(pb, 3); /* flags */ switch (tag) { case MKTAG('c','b','m','p'): projection = AV_SPHERICAL_CUBEMAP;