From patchwork Wed Dec 8 20:23:55 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andreas Rheinhardt X-Patchwork-Id: 32199 Delivered-To: andriy.gelman@gmail.com Received: by 2002:a0c:cdc3:0:0:0:0:0 with SMTP id a3csp980583qvn; Wed, 8 Dec 2021 12:24:21 -0800 (PST) X-Google-Smtp-Source: ABdhPJx11T6HkiqLfoGpIjwjWeMBy0HT7kppckuZR+6cA+LSaeBDaqqkDTbUJSoOTkIN7yG+QuyT X-Received: by 2002:a05:6402:8c9:: with SMTP id d9mr22279157edz.254.1638995061784; Wed, 08 Dec 2021 12:24:21 -0800 (PST) Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id he34si7035222ejc.421.2021.12.08.12.24.21; Wed, 08 Dec 2021 12:24:21 -0800 (PST) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@outlook.com header.s=selector1 header.b=tEEVW2Ic; arc=fail (body hash mismatch); spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=outlook.com Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 11C7B689734; Wed, 8 Dec 2021 22:24:17 +0200 (EET) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from EUR02-VE1-obe.outbound.protection.outlook.com (mail-oln040092069030.outbound.protection.outlook.com [40.92.69.30]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id AD131689734 for ; Wed, 8 Dec 2021 22:24:09 +0200 (EET) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=I8GHN/FBgFm8z2nUaE6Dzi7fgZe9VAEmZeOPZHQ7grMZhVZUKshd7/FK5Qs8X33pQ0qEgxVb2ZJLhCP9egWIwBaWDgK59qig6tTQYJxYGj0yaL1tnlHv0vbvjC6IrYjn5HOcoxB2+xLvzL+vk8v9P7wBmL8tZhlXc3cfIlgV0ddunQ389mzVZFwBr1DJgO0wv9DleQbVUiYjFc6xBqDBCvDexFt+xZgg9+cxI9RtEZFkdwdpvrYqL4Lfugx9vB2vI+bHSWNWcV1TSXzJPlv/Bj1lgC+z1KpBoX94F1Hf526TF21QfzhXtgTw7sbOBp1gr8pukm5ZDEKh9NK+AavHCg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=owgci6O4Iv4PLlzJ2xjObp/rY3QVMIWYEMw41nVTbbY=; b=lTxiRnfptYA1EpE4SVgz5du25vTXX5HZDg5is4vhN8B1R4ldKdIYhE/+w4oA+mI2YLm+OcplPMbxM06hfPjKvL/98ead+BySjJgDbMBw9lRU5z21DUTZBK3hzFSL3fhxz6/bxJAlIHxIG716KlpDy5PEMwQOf4wVtGGgt8L3vhv5wPq3O8pbySdAdI06YAmOgYPbRcKw1ygemKaSKe5ZImXBJ6xAx/Au7w9YShyPFWYbP6Iw7g2YBXoAxBW9Yc6LwB/jtmqdVKB732jvjcJeu+0CNQZBt2o7ZfFIgTYPE6KOEx0hRkfeH1iYfFL+Hd86mDlHNyQTUG4Kd9zHJqfHIQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=owgci6O4Iv4PLlzJ2xjObp/rY3QVMIWYEMw41nVTbbY=; b=tEEVW2Ic2oOIMSNfOtMS2p0ajgmONVu/mBlgK7EAnNTQaxqb3mhWR0AXjizJugHPWJlHc1rkiurKZHSfp6CvV4fCbKwNHOriXawMgi/6JKS0v28vGNOZoh91DGrFUEXaSFmw6XOSg+B3fX5jWTD5uCnFOpTKl6zouIB0PcR3eLaZqbNh0lUtYVVepzACf5BWvICfbXteOF4NdIDj/ez7Kwqi+/xn+HBVlDiDkmBU2u516m54BXsyqlWpyYWx5rFqn3dcOxqMGzDdTYiWm91ufMNzYGNmdW+OPkz7/9HFkrJPVbLZmgbvhRiWgDpDGIin3ItK6tU+u8whyPympiRDyQ== Received: from AM7PR03MB6660.eurprd03.prod.outlook.com (2603:10a6:20b:1c1::22) by AM6PR03MB3832.eurprd03.prod.outlook.com (2603:10a6:20b:18::33) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4755.21; Wed, 8 Dec 2021 20:24:08 +0000 Received: from AM7PR03MB6660.eurprd03.prod.outlook.com ([fe80::f0dc:92f5:6bc2:45ca]) by AM7PR03MB6660.eurprd03.prod.outlook.com ([fe80::f0dc:92f5:6bc2:45ca%4]) with mapi id 15.20.4755.024; Wed, 8 Dec 2021 20:24:08 +0000 From: Andreas Rheinhardt To: ffmpeg-devel@ffmpeg.org Date: Wed, 8 Dec 2021 21:23:55 +0100 Message-ID: X-Mailer: git-send-email 2.32.0 In-Reply-To: References: X-TMN: [0vcHNe5WhkXh1IBzkDXfqi0fiectSjRO] X-ClientProxiedBy: AM0PR06CA0089.eurprd06.prod.outlook.com (2603:10a6:208:fa::30) To AM7PR03MB6660.eurprd03.prod.outlook.com (2603:10a6:20b:1c1::22) X-Microsoft-Original-Message-ID: <20211208202359.593906-1-andreas.rheinhardt@outlook.com> MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sblaptop.fritz.box (188.192.248.74) by AM0PR06CA0089.eurprd06.prod.outlook.com (2603:10a6:208:fa::30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4755.20 via Frontend Transport; Wed, 8 Dec 2021 20:24:07 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 85fd606f-c911-4a16-88f1-08d9ba88afe5 X-MS-Exchange-SLBlob-MailProps: gjx25WM8ZNUJNPNrsFw39+IRsSLFO7mfcGYzvKkuOyqQUvHHObNiiAf5B4lE2jv+TY2wxvbTvLhUpvO6omz/qVZK7JCTQuILMKJu3KDyesgCFLDJHBDOJUghLOtC/piTElQwPb/rZ2ZcMB673uWBv6cI1nrzJ65i07jyUJmoyX1OTP/wyLHsLbFwQ6rudqasjttkRuxGo5b1xEgKLxEx/SFC4uTeJ0jfykz6GVd1+wG+5fZIzc8K3dgCORdv6WlxlwwNcpq2xL041ECG2sL0IBYM8v/tLDoPVX7cvdLRE7RAqCtea7R40Tve9hVHGrtP5Lx0tuyyxhjEO10R53Y3gAvFIvejh3KXKIpympw7G8Slv7cM2VKytg+13HJXyzbvNKvFb+TIcxPtXGZ96FF5tgLErOkak9SP0g76e/2jVyPuFLWOt6JjRxHDCZGmNnYyUowOeskv+DER3zKYoHU5v8hyI7QS5NV1ftiiu5HdQgpjxOXP6dG4JcZq/N8HpJkxe3o9RqDp3JTh8ASzxCFFymGgxMqCsAKFEhHUfmSSvymGmDtj/gMpPUDMn3w8wfxvN0Z+N+XTx7eOUo52aTzTPHYRmNNRXFAx0v27wF3smN6cNu21zssSpHehH6QJU2z9uwbEJ4YqjKUEWjetdM2C//iPiZ/0tUSwWkcPfGk8UU5w+C7e339kLeckj7OyKraSjL22bC+aCGHoDZ5c22w2TNNIbUBiM/H/hRMLalLH4CQ= X-MS-TrafficTypeDiagnostic: AM6PR03MB3832:EE_ X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 7oeHvBjkAYxRNF3NnN3WL+0Dje27nyzDGXhgLWdldzITXTgFFpTr9/76iRGKwBGNkwXMUmAFUN07VNWRS9Pg2fs9d5xOgfAXpr8/OGkFp0eLBCBOqm7g1YyhETa+oZg1ifrnQps3Cxn5KYl3v4YpsDj/Fl9K7ABQVRDFbkxNT2FSVVUwmmzi4E/ItsH6GtkGy/L0bhF2sZGd4rswYRsCkRVyGdKUMXK2kN8xzwWo4SPtFvtP6bEte+TL/zqegHbx7XHuqVL37svTrEtehPl1v6kx0XCMMtrNIK5m/cqfYkgyu3RI4pI4tJjcbuXHwac6AjH4dNAuErK1DvkelfMA8UUZ0h7BXPP8boi2RMI+h+UZ5Hqpbb8onPOi3vReBsrmRTodZqSXyihnmFDQbGmv/earE9kVIbXKKjcsUi+GC9BgHOb9pm1soMuxMW2GdYUK9h3EMLbGbnf4rBbQZ1m2auVxc7yC3TeVvm5gitubms0j6mvUGhaESMXhIxZfXVvuunrT6rdmLjDIXI5qJQN+JO+OBP9dvqJmA+/rLTA9WeIB4A+cv3QoYxLKbKa9iI3D2jKlp1AxLXXwCgFz9c79lA== X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: j52rRmOlTuMNjcvFLap+cT1rm23vaa2bKSGl63qLvBFCGaGiyPjx5CsixzWZb0H1qFsY4fPeEIysVeSAN3hq+EKAPwnYg6NYqFk4yV0lS+vb1i346Z+02ZhCZntluwKWDJ9dJolHokCS4z15G95ovpXBCPGtd5eHcQp9x8jk4gdM31I2j4BXQxcmM56QibJ8L3i+cMsdJI552uXbCUilD/X3GqeH8hkvk6G7gURtWwfTyOFt/HZ2lWRx+5SC2CTsw9nKANNyeXbIkJZrJGDATouP7qW3GnVG/yBTzwNqfcuMzuQGQp68SzVJSJmmwvogiZs9uJWYIGyegcp5hyGlXZAVnHgG2Em3oer4+IZhNjd1FYHcCN/qkVY853+m4/0oKiA/zjEZxq4USke+lMWdUdBPIz4HZOzkYvP2Dl7HDMao15zLl/rs5Nd/EEek/3gyjDR7NZ5HUldKeIS2wMFiEYRXcnRAHGlPO7WFqmWDXUmfwETjaa9n5TecNnBqOXku/vmbhofUhBH7UeEq1/bfgNkLz1dCC7KOqltM0kyxLy5d5/UvMpgAWX9yjaOym709gT6yjhyoCtTlL4uO0UyvdPXHTCInttRYC6yKLZJ5H71L73D0T3lb/Lu+AFQmFaM881mzlBOYsCKZsPpGYLL8xF5ur4ALh2hExv3AaXVvlH0eaCYaNmoHqBvrJ8OZjUIlYeyt6aPDZEoPgbTJOOp3tCTdeIZ9OUx0VDdTT9oAL+lrcOxWRymimyQ3uiyvWCzpJttyDYyDsUgmDcD3Ggf5MJErdXSRmz0aLua1WiPl66/oeVFLkrUgsL88Yz6kj/NptyDPrCDmzVGjmbo34CrJMxb91yB8axtOG4bLW8JXhedO0JgAVxnBXRsmo4EQ1V7HrwhzHzsXZlyimClryHvgjV9Xso3VJtbCz1dK/6KctNYaVfTVdIm109+st+KvqIWjYbAbM0NakF0GQuTW5Anmvw== X-OriginatorOrg: outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 85fd606f-c911-4a16-88f1-08d9ba88afe5 X-MS-Exchange-CrossTenant-AuthSource: AM7PR03MB6660.eurprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Dec 2021 20:24:08.1978 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000 X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM6PR03MB3832 Subject: [FFmpeg-devel] [PATCH 2/6] avcodec/movtextdec: Improve size check X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Cc: Andreas Rheinhardt Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" X-TUID: lGMmmKV6ZTrK Content-Length: 1373 Signed-off-by: Andreas Rheinhardt --- The error checks here are btw a bit inconsistent: Most errors only lead to a break; in case of errors from parsing the boxes this just ends the box-parsing for-loop, not the outer while loop (and is therefore actually redundant, because for each type there is at most one corresponding Box entry for parsing). Yet this is different. libavcodec/movtextdec.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libavcodec/movtextdec.c b/libavcodec/movtextdec.c index 8dd571d64c..5083308d58 100644 --- a/libavcodec/movtextdec.c +++ b/libavcodec/movtextdec.c @@ -537,8 +537,8 @@ static int mov_text_decode_frame(AVCodecContext *avctx, m->size_var = 8; //size_var is equal to 8 or 16 depending on the size of box - if (tsmb_size == 0) { - av_log(avctx, AV_LOG_ERROR, "tsmb_size is 0\n"); + if (tsmb_size < m->size_var) { + av_log(avctx, AV_LOG_ERROR, "tsmb_size invalid\n"); return AVERROR_INVALIDDATA; }