From patchwork Thu Jul 6 21:08:28 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andreas Rheinhardt X-Patchwork-Id: 42473 Delivered-To: ffmpegpatchwork2@gmail.com Received: by 2002:a05:6a20:3b1e:b0:12b:9ae3:586d with SMTP id c30csp6811453pzh; Thu, 6 Jul 2023 14:07:37 -0700 (PDT) X-Google-Smtp-Source: APBJJlHseDsGq6o3YSi0zDTyh5CLsskE4GSMlHZIEPTFaNhAEN8Swl9Pb+lfQ59iqc0MRr5EYHAn X-Received: by 2002:a17:906:7395:b0:98c:d355:bb38 with SMTP id f21-20020a170906739500b0098cd355bb38mr2551309ejl.11.1688677657556; Thu, 06 Jul 2023 14:07:37 -0700 (PDT) Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id rn6-20020a170906d92600b009930253bc63si1262897ejb.1024.2023.07.06.14.07.37; Thu, 06 Jul 2023 14:07:37 -0700 (PDT) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@outlook.com header.s=selector1 header.b=rfpRyddr; arc=fail (body hash mismatch); spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=outlook.com Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 9127168C765; Fri, 7 Jul 2023 00:07:34 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from EUR04-VI1-obe.outbound.protection.outlook.com (mail-vi1eur04olkn2089.outbound.protection.outlook.com [40.92.75.89]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 26A6C68BF58 for ; Fri, 7 Jul 2023 00:07:28 +0300 (EEST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=VOvbBi5T8UBR1QKz7OhLiVPTlQco9r4MPIi//aGa2axhgTLV6/iY+UcDkjYBC8rINFN3+CFzqG6pIoFmKDdoq6i9esu6CC9kwjaV89Nt4boi0pAOJOeWDPJ/eJOp//lDpiL/zS240bTCn4vqQciCb7d/g2i7kAQwfjvwnJ8RcGPVX8rYaZ7DsuOmPa3mgTjfOcOlYZ7oZpa7RAQ/vl46hVAr3un8FYrG2YYfPzdxpH0ooumW343mHbBJhltsAl8ZTqQL8hEHPxX0xMAdfqwjoWNFM2rFcJu2j/4Gz/gEo00IEfQlm5iBKEPwBoLDb6ktY8frPzTKAfbrhLDKFf86eg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=FC+d9oyToBSI1XTebsj7SQCNnHZS4szMD6iSdFzPM3M=; b=dBKgsPd/xyK8iwCTmajLlzOgxx/lGGCEn5qNfqOkWVfRQr1Ko6ZM8CdRg5t5hLKN7rJEQhtBHpudBlqKOQIcPLWweXE4DspabU448IoCaDfcUgE1QPtpUYYpH4gEosKGHvJj3gdLW3iRuYbXF2rV/w+3WQ7e4ADGx4QMdsY1EaMucYJjJ5Nv423H8wIEsgRf/EXda4QhFeJK8pbS7GQnlxVdK0vlnVom7uymiXOI966ZM3VNJPpsLiGtkwRoDEIx6lXgTVwuV8PAhZG7hbxBf0YPBrcYYRPYDV/5GwpKdUuf5y9JPgdpgWZDB0nVb0G7NAw8gGX8401zdwC8ukqg3g== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=FC+d9oyToBSI1XTebsj7SQCNnHZS4szMD6iSdFzPM3M=; b=rfpRyddrfe/2dNhSTkAW/bP4c8qxCo1K3vJw4sGq693kTSJPZM4lu6jJ2R3+4wjxPcRpaGBc6KMUVSGnB0Paa+71zem4FgiB9DtFoFq1eFvBVdeslsRyHbxn6pouaJPpMCu38paIqPTB5nVH58NV8mkyUBOo+4eggC4SkiWV79vEo76yfewDEmtnnF7Fn/wHwLsPgO695c26eRziEp/9+2mxA9w4JUU6OhZ+UyZwggMy1BjlNcvRKL2Nf+KhxTz/qPt0tkzdihOmbVy+hAwlaIhkYA/Xzw3p43T03loF1S94T8WvGnOTpfenjZgoxYwpyKXGg5AWoxgCd6pIt69iSA== Received: from GV1P250MB0737.EURP250.PROD.OUTLOOK.COM (2603:10a6:150:8e::17) by AM8P250MB0376.EURP250.PROD.OUTLOOK.COM (2603:10a6:20b:32b::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6565.25; Thu, 6 Jul 2023 21:07:26 +0000 Received: from GV1P250MB0737.EURP250.PROD.OUTLOOK.COM ([fe80::8f13:2ef8:4559:907]) by GV1P250MB0737.EURP250.PROD.OUTLOOK.COM ([fe80::8f13:2ef8:4559:907%6]) with mapi id 15.20.6565.016; Thu, 6 Jul 2023 21:07:26 +0000 From: Andreas Rheinhardt To: ffmpeg-devel@ffmpeg.org Date: Thu, 6 Jul 2023 23:08:28 +0200 Message-ID: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: X-TMN: [Uo9jSThSxi4G8A5mUIEAgiLO2Dz3HYaU] X-ClientProxiedBy: ZR2P278CA0074.CHEP278.PROD.OUTLOOK.COM (2603:10a6:910:52::8) To GV1P250MB0737.EURP250.PROD.OUTLOOK.COM (2603:10a6:150:8e::17) X-Microsoft-Original-Message-ID: <20230706210829.2162011-1-andreas.rheinhardt@outlook.com> MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: GV1P250MB0737:EE_|AM8P250MB0376:EE_ X-MS-Office365-Filtering-Correlation-Id: bee314fd-55be-4b59-dadd-08db7e65003c X-MS-Exchange-SLBlob-MailProps: Vs63Iqe4sQndKyqL8642oGsqqqxrclgckbU5QCGR/p+KT8LimJRUszYl7YKjqnpKUL6qVcSiLyM6dfKNmMmdUkKpbYhPSy32gqBiXzbrGrJDfPOZP/V1zi+TpSNmqbxtL9hyWwy/Uap3L8qOY5Cw8qjf0Y0poc2PYHKscbKCwq1VXC+jKSsXe2l8QdnkbJsvZTVCFWCtpKrwWK7SeNv+gNj7WODz0etNo9/agc/iIJTvGsD/iePV94JkrS2BILXJdid94rPEH6564uO3CRqx2Hob6REzJsDwUQQfDwGPdsFsEoDz4UBbZoVXftXNbPC/Qb4YaHhdIn9sBu/P+i/SuNArz7PRjSSvGpQ10DJfORep+VkwZOKAMnqQikuUO7vTr8Q54hTQV9uJHLjSzJMb+2YpMYHm/MM+4ClCPjgPtuGu/BgxETF3yR+eljyc+/t/ys9I67DayVg50Vre+R0xs4dX63R92x+XRy9mt6IgrZ57kYPo7K1L0YGhI+rxjrvaoN5zyEFVQazLWE/lqykbJtliLQYCW3zDYrUyo0rR/a0EnTR0bMVhrCAvQb8xyqi1yENT812bS71VKqF0NOqVkd690dzjBKklTmOboBGHr+PF5Pp9ftlbMyMT0K+4wbdnKKY3rJ9L8sCjFMSj4f+4yq/hVpyEPJKGEBHBmzJVBMndBB7Hap4j0Rwn6PvCfilA+Rbi8xqlAqg92Gua/rIMDW15YOysaWkkwR0QYt3hE4E= X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: CVN/e1QbJXoiapchgg6JL2JYuJX9lh839vo4i1+BATALNc37alIW0wOZxCRvSFiM8KpI2Bg9Rs/E+hwWgJmCmG+DXfYsJ7Tg67M0oeQxZSnrucTNf0xCYVdAUbjYFk330JCpepmoChmBcrLU8EkPCcpNPqXbX7Q8ExnQhfdMPK7l4LNJUVl/9JOPThjOZrMRxfWsxpfhL3jYNGjazxuQ1GBskrpH6ALk98xbq0xEDXPkYrQkeKg59c3byPtRgfOZeZP1qS9QBxzgtIwlS3V2LyTYdQAxnv9dv9WoEy7gM1/Haqbi4lNfJH6WbYZ3SJMOgna301Y3QD4kSpwkX3BL2UeFmXrdWQe99Xw/pyFIvZXBD+IUUV4iAnvCFvGmwUFW/akiHvQiLpkDHQavN84Lqab3BU6E9WZ2AMtCLtwdwR6nNWrEYCKQXHiFAh8GVrnlLCRxb5dywWGdjMbEOXnI92iL7R7hhmSMVrVKMqY0bxmcxtTLetT5tVwanN2zHqCHd+9WQWuBz7DZdClR+FIb197MTv8yiJpcekBJHux3/q3yUzqXbm6LA6KWslFbAr5MiSOJyxKF/JBzGJ/qr7u/R3YKtHAmIAnPrID4E5HH4/O/s77lERB2KUXWia0VySal X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: 4ZA8yePU4hi+DS2h7iUyOr88zTwm76WXUfqP7POv1oQHI0gMOunXmBUUxO60UAZ2oHzKj1IweEdGVXQER5k0ocf4J0ZToQZqEfTst67aX7F0oGK7Zl1tqDNNSajAvjqiGD9+AByDo4BUaUbeCgLYKIQ6zGQNmZvHLZIdfN+LmXL+Uq71fO0mLvAE15QLPCQ9Osjp65zqxsKn5KdjJ6Ph1SJf5ACOPW/OReoi8whKB/aNJ/+tT/70X1sQJkPMh3oHiIu/6qe0luxN2kYoqoFbCIkIBwtGMjMuZlYV3tgFBor9CLZdNKoK9tUMhRB2u/IPJo89DfMEQKmfc8Ug7w5JYT9Rt+wFQXqZZ8cbi4bC6JljsuNUugdHckkDiOJvjjzwWQ1JWvIUSfbWGtxqhyl5j0qLCBplA7AKlJeJYit88D8LEG3LSYR9yievtEjCh/XEQlzmQvwDlYPyN4RDsdwKFCKN4gduppif5qTibdE9+t8F2bACRVHW72cAldeN278GuxTtMvoyGd1NEubE6dgmd8xsuOwGr5pxAvc21bQYtwY7HzWJiRP+iVfCQeC1Mipm3sEQznAE94aCp0hu7Fj+jFQ6c+aVzBlZvPCDyd/mXwEfVB1j+APZmKwKdtRO4ojYujIchn0XrEVTv2NgVl7EcYi6eW2AWk1vQMtMp5pp5OunIFM0EwBdKVo7CwhJR7qEhQPajYG/4n6HrO9beCe4m+nF7naxcLJwdwMYFQqsoWem/XscZLaTqyESb6jsG/OxkKGN6QPrS29VdX42Qy87OO/nc+hsASLlLPWrdlQkLlrwBviPDycM7gBloyxFOw+ud+EukcVueRh7o2h5nSebhnLjTxWZfyTnCOWP+jwfd0I/DCe7PjI3by7ipN1BORCIV94LCjvX+KXmSNf4w/2xXAtl1fDe+eP0lOngL84CzGOt9Y2wJEMhC1VaUL0hObZWPUgSKTqnNX7UwWG+gzS9m6R67RuJBnQKCQROnmo8dgTTqzwfHWbYZOxFM0aiTOmbv/JOe3DgSGKYYiUo7RaT6V7o1pS0yEjB0Ya8lW//1TZ/fypuFKqL5Bm6eoiquSZj5QqSZcuombQPZ9fXGB7YRfh0Fslxth8XGdU/ArMPYrjnBVyKTGAWXAfkVELJ596FFXlsHCszRx9hxXvSUIen/Tx+JOQ3qUtiRBglzWUmVoyM2gD1rGQOWoaQrbqXuxYLZR70jt0yYmeoQ4ZZ4FWxOP05oT+FKyA3hJZUNR6y/Z/aKBXUhKfgR56n6CCN4ped X-OriginatorOrg: outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: bee314fd-55be-4b59-dadd-08db7e65003c X-MS-Exchange-CrossTenant-AuthSource: GV1P250MB0737.EURP250.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 06 Jul 2023 21:07:26.6833 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000 X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM8P250MB0376 Subject: [FFmpeg-devel] [PATCH 2/3] avformat/evcdec: Check that enough data has been read X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Cc: Andreas Rheinhardt Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" X-TUID: NE7HxmYxATBs Fixes potential use of uninitialized values in evc_read_nal_unit_length(). Signed-off-by: Andreas Rheinhardt --- libavformat/evcdec.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/libavformat/evcdec.c b/libavformat/evcdec.c index 9886542311..0f464930f7 100644 --- a/libavformat/evcdec.c +++ b/libavformat/evcdec.c @@ -162,6 +162,8 @@ static int evc_read_packet(AVFormatContext *s, AVPacket *pkt) ret = avio_read(s->pb, buf, EVC_NALU_LENGTH_PREFIX_SIZE); if (ret < 0) return ret; + if (ret != EVC_NALU_LENGTH_PREFIX_SIZE) + return AVERROR_INVALIDDATA; nalu_size = evc_read_nal_unit_length(buf, EVC_NALU_LENGTH_PREFIX_SIZE); if (!nalu_size || nalu_size > INT_MAX)