Message ID | 20240607003215.1723906-5-michael@niedermayer.cc |
---|---|
State | New |
Headers | show |
Series | [FFmpeg-devel,1/5] avformat/mov: Check requested_sample before using it | expand |
Context | Check | Description |
---|---|---|
andriy/make_x86 | success | Make finished |
andriy/make_fate_x86 | success | Make fate finished |
diff --git a/libavformat/rdt.c b/libavformat/rdt.c index 60449d256a5..2fa53d34a8d 100644 --- a/libavformat/rdt.c +++ b/libavformat/rdt.c @@ -206,6 +206,8 @@ ff_rdt_parse_header(const uint8_t *buf, int len, return -1; /* not followed by a data packet */ pkt_len = AV_RB16(buf+3); + if (pkt_len > len) + return AVERROR_INVALIDDATA; buf += pkt_len; len -= pkt_len; consumed += pkt_len;
Fixes: CID1473553 Untrusted loop bound Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> --- libavformat/rdt.c | 2 ++ 1 file changed, 2 insertions(+)