aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMichael Niedermayer <michael@niedermayer.cc>2021-03-24 17:03:08 +0100
committerMichael Niedermayer <michael@niedermayer.cc>2021-09-10 16:04:26 +0200
commitd24c7e4c8bdd6d24799876a7205c883ac90c5ae8 (patch)
tree1762b9682131364c43d1dad4dd1fcd7c8bbe2247
parentfbb6d182d08e11b078e8f9e15f4eb42fe6b93f0e (diff)
downloadffmpeg-d24c7e4c8bdd6d24799876a7205c883ac90c5ae8.tar.gz
avformat/mov: Ignore multiple STSC / STCO
Fixes: STSC / STCO inconsistency and assertion failure Fixes: crbug1184666.mp4 Found-by: Chromium ASAN fuzzer Reviewed-by: Matt Wolenetz <wolenetz@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 2611d20d353026f996cb9aaced8b35db37f490d4) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-rw-r--r--libavformat/mov.c12
1 files changed, 8 insertions, 4 deletions
diff --git a/libavformat/mov.c b/libavformat/mov.c
index f77e7310b3..b566f8babb 100644
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -2001,8 +2001,10 @@ static int mov_read_stco(MOVContext *c, AVIOContext *pb, MOVAtom atom)
if (!entries)
return 0;
- if (sc->chunk_offsets)
- av_log(c->fc, AV_LOG_WARNING, "Duplicated STCO atom\n");
+ if (sc->chunk_offsets) {
+ av_log(c->fc, AV_LOG_WARNING, "Ignoring duplicated STCO atom\n");
+ return 0;
+ }
av_free(sc->chunk_offsets);
sc->chunk_count = 0;
sc->chunk_offsets = av_malloc_array(entries, sizeof(*sc->chunk_offsets));
@@ -2648,8 +2650,10 @@ static int mov_read_stsc(MOVContext *c, AVIOContext *pb, MOVAtom atom)
if (!entries)
return 0;
- if (sc->stsc_data)
- av_log(c->fc, AV_LOG_WARNING, "Duplicated STSC atom\n");
+ if (sc->stsc_data) {
+ av_log(c->fc, AV_LOG_WARNING, "Ignoring duplicated STSC atom\n");
+ return 0;
+ }
av_free(sc->stsc_data);
sc->stsc_count = 0;
sc->stsc_data = av_malloc_array(entries, sizeof(*sc->stsc_data));