From patchwork Wed Dec 2 04:22:31 2020
X-Patchwork-Submitter: Andreas Rheinhardt
X-Patchwork-Id: 24308
From: Andreas Rheinhardt
To: ffmpeg-devel@ffmpeg.org
Date: Wed, 2 Dec 2020 05:22:31 +0100
Message-Id: <20201202042244.519127-70-andreas.rheinhardt@gmail.com>
In-Reply-To: <20201127010249.2724610-1-andreas.rheinhardt@gmail.com>
References: <20201127010249.2724610-1-andreas.rheinhardt@gmail.com>
Subject: [FFmpeg-devel] [PATCH 204/217] avcodec/ass_split: Don't presume strlen to be >= 2

Fixes potential heap-buffer-overflow.

Signed-off-by: Andreas Rheinhardt
--- libavcodec/ass_split.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libavcodec/ass_split.c b/libavcodec/ass_split.c index c2c388d9f0..189272bbd9 100644 --- a/libavcodec/ass_split.c +++ b/libavcodec/ass_split.c
@@ -376,7 +376,7 @@ ASSSplitContext *ff_ass_split(const char *buf) ASSSplitContext *ctx = av_mallocz(sizeof(*ctx)); if (!ctx) return NULL; - if (buf && !memcmp(buf, "\xef\xbb\xbf", 3)) // Skip UTF-8 BOM header + if (buf && !strncmp(buf, "\xef\xbb\xbf", 3)) // Skip UTF-8 BOM header buf += 3; ctx->current_section = -1; if (ass_split(ctx, buf) < 0) {
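Review bot: the BOM check in ff_ass_split now relies on strncmp stopping at the terminating NUL, but neither the commit message ("Fixes potential heap-buffer-overflow.") nor the inline comment ("Skip UTF-8 BOM header") records that. The message should state that memcmp(buf, "\xef\xbb\xbf", 3) is entitled to read all 3 bytes wherever the string ends, so an empty or one-character buf can be read past its allocation. The inline comment should note that strncmp is deliberate, so the call is not later changed back to memcmp. Separately, the `buf &&` guard implies buf can be NULL, yet the context line still calls ass_split(ctx, buf) unconditionally; it is worth confirming that ass_split accepts NULL, or returning early here.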