From patchwork Sat Jul 4 16:51:53 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Zhao Zhili X-Patchwork-Id: 20803 Return-Path: X-Original-To: patchwork@ffaux-bg.ffmpeg.org Delivered-To: patchwork@ffaux-bg.ffmpeg.org Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by ffaux.localdomain (Postfix) with ESMTP id E811E44B99A for ; Sat, 4 Jul 2020 19:52:06 +0300 (EEST) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id BE31068B213; Sat, 4 Jul 2020 19:52:06 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from qq.com (out203-205-221-190.mail.qq.com [203.205.221.190]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id D28F568AEE4 for ; Sat, 4 Jul 2020 19:51:59 +0300 (EEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=qq.com; s=s201512; t=1593881516; bh=gy9Mip943yMeDrZK/XQz1Ikm9ancpSMKvcVVv1GezEY=; h=From:To:Cc:Subject:Date:In-Reply-To:References; b=ZonVHzlHQhDLmoVJcQveA0TleJrnSViMji0hHOi7SPPzqs6yp0cobvitikO97b6Ea q/Dgk0p3Sn21Q3AcNQi4YayO8oVUD4F0RE+e4/DeuzAdI0vS6pcU0bZOzPPoHw+G/W jSnTXIEFe9yBev26g7PSiM/cY5hoabTId2yR8lgE= Received: from localhost.localdomain ([27.38.241.30]) by newxmesmtplogicsvrszc6.qq.com (NewEsmtp) with SMTP id CF600011; Sun, 05 Jul 2020 00:51:54 +0800 X-QQ-mid: xmsmtpt1593881514t9jw0ia83 Messag-ID: X-QQ-XMAILINFO: NJCYAfTHUAk5HAR+Yorm4jjmlqqY7h8OtjKVPiwCD9+3OnWS/u/f1zisQzO3iR Nya/BvawLwBnr0tcyfuaCwgaD3mCRoV/+qAOeMnRCjF8c9mPMaD1kbh5eSqv6wl5sfEzpDW7l8Og cjaEKTW/djOM3PP2VvfDrlCMjbaph894z+GOY+4NVK6oQl3YnQLYnKeep9N4nJH+DK4PS1ePB9VF wzA8j3xV+Erg00npVmsQ+AdKp4CSgg5F/xIJ5Ch1aZE8xp9Dhi4pH1p8uagTHzJ3Joc96MAysbRr NGdK4uuWjdhtdxJoctQo/0A26ZnR3HJut6wTa8PaO/p+UcyedObbaRhBGP7cEhXDg5+2EWVBz/vf 1L9OgGwWWRNGa62sOHe6alyX9yzuT9rfhmOdxaGDcOP3lJLgYkeCu0EHYihYV6g0LMx8WV81PHmB mTSIT3vj9gJLnn+sZQN/S0LyDVpR36oy/j+IeQtmwzPSGj4CL1lJgik/azU6TCdOKaQ+I1ecyvfc i9buzHpn4mkU1hpdjepSXjYYX9Mhq4qiq7e3dsocqIq0afkYAnJXTTKAEEYs9f0I/EW6jP7iRmvb dEyYQTWTueJ6YYFkUdv4M0T/2yMibBMiQjUNNWYgJHDeqORU+7jyPKpG6RZxa95AMz0YkpZm3Hna v+VzFf2nviWy5bsswM0Nv73HvGLKyNqht9NF3tD/gkfVjyQ0q+yV2aKGSGYgEkgF6BNncgSvXyV6 jis02WOPemhBfEL/9WXU09ohqLnkgKPxczt5aOdhjVf/s= From: Zhao Zhili To: ffmpeg-devel@ffmpeg.org Date: Sun, 5 Jul 2020 00:51:53 +0800 X-OQ-MSGID: <20200704165153.415982-1-quinkblack@foxmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 Subject: [FFmpeg-devel] [PATCH v2] avformat/mov: Fix unaligned read of uint32_t and endian-dependance in mov_read_default X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Cc: Zhao Zhili Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" Message-Id: <20200704165206.BE31068B213@ffbox0-bg.mplayerhq.hu> --- libavformat/mov.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/libavformat/mov.c b/libavformat/mov.c index df5bebdff1..da438e4e2c 100644 --- a/libavformat/mov.c +++ b/libavformat/mov.c @@ -6945,13 +6945,12 @@ static int mov_read_default(MOVContext *c, AVIOContext *pb, MOVAtom atom) a.type == MKTAG('h','o','o','v')) && a.size >= 8 && c->fc->strict_std_compliance < FF_COMPLIANCE_STRICT) { - uint8_t buf[8]; - uint32_t *type = (uint32_t *)buf + 1; - if (avio_read(pb, buf, 8) != 8) - return AVERROR_INVALIDDATA; + uint32_t type; + avio_skip(pb, 4); + type = avio_rl32(pb); avio_seek(pb, -8, SEEK_CUR); - if (*type == MKTAG('m','v','h','d') || - *type == MKTAG('c','m','o','v')) { + if (type == MKTAG('m','v','h','d') || + type == MKTAG('c','m','o','v')) { av_log(c->fc, AV_LOG_ERROR, "Detected moov in a free or hoov atom.\n"); a.type = MKTAG('m','o','o','v'); }