diff options
author | Zhao Zhili <zhilizhao@tencent.com> | 2023-06-12 19:56:28 +0800 |
---|---|---|
committer | Zhao Zhili <zhilizhao@tencent.com> | 2023-06-24 12:58:15 +0800 |
commit | af3f12078563d8119bd59771793994f651842ff2 (patch) | |
tree | b9a499f4faa99eef2b5c7842572ec335498f927b /libavcodec/mxpegdec.c | |
parent | 3323b515abc1cda20510e5e5d7ae4f3d7419ec8e (diff) | |
download | ffmpeg-af3f12078563d8119bd59771793994f651842ff2.tar.gz |
avformat/mov: fix overallocation when reading pssh/saiz
mov_try_read_block() allocates 1MB at least, which can be more than
enough. It was called when reading saiz box, which can appear
periodically inside fmp4. This consumes a lot of memory.
We can fix mov_try_read_block() by clamp 'block_size' with 'size'.
However, the function is harmful than helpful. It avoids allocating
large memory when the real data is small. Even in that case, if
allocating large memory directly failed, it's fine to return ENOMEM;
if allocating success and reading doesn't match the given size, it's
fine to free and return AVERROR_INVALIDDATA. In other cases, it's a
waste of CPU and memory.
So I decided to remove the function, and replace it by call
av_malloc() and avio_read() directly.
mov_read_saiz() and mov_read_pssh() need more check, but they don't
belong to this patch.
Fixes #7641 and #9243.
Signed-off-by: Zhao Zhili <zhilizhao@tencent.com>
Diffstat (limited to 'libavcodec/mxpegdec.c')
0 files changed, 0 insertions, 0 deletions