diff options
author | Andreas Rheinhardt <andreas.rheinhardt@gmail.com> | 2020-05-27 19:09:14 +0200 |
---|---|---|
committer | Andreas Rheinhardt <andreas.rheinhardt@gmail.com> | 2020-07-03 00:04:06 +0200 |
commit | b66884f4aa6701a842bb83b407d546cdb76320d9 (patch) | |
tree | ca56b6b071886c839e362cb07e3e0946295e9a68 /libavformat/asfcrypt.h | |
parent | a3a2e782c2ab5ccfcd864f476e6c3b7aa03c8dcf (diff) | |
download | ffmpeg-b66884f4aa6701a842bb83b407d546cdb76320d9.tar.gz |
avcodec/hevc_mp4toannexb_bsf: Check NAL size against available input
The hevc_mp4toannexb bsf does not explicitly check whether a NAL unit
is so big that it extends beyond the end of the input packet; it does so
only implicitly by using the checked version of the bytestream2 API.
But this has downsides compared to real checks: It can lead to huge
allocations (up to 2GiB) even when the input packet is just a few bytes.
And furthermore it leads to uninitialized data being output.
So add a check to error out early if it happens.
Also check directly whether there is enough data for the length field.
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
(cherry picked from commit ea1b71e82f5a1752d59d3bfb9704092a79eba6b5)
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Diffstat (limited to 'libavformat/asfcrypt.h')
0 files changed, 0 insertions, 0 deletions