diff options
author | Dale Curtis <dalecurtis@chromium.org> | 2024-02-02 20:49:44 +0000 |
---|---|---|
committer | Michael Niedermayer <michael@niedermayer.cc> | 2024-02-21 18:23:41 +0100 |
commit | 6ef32ea5748e9dcc2c8d1c076607b8d15650a5fe (patch) | |
tree | 030c57262736a6f7a43d4a0ec353cc29c8c2e657 /libavutil/aes.h | |
parent | a3f69cdec73dfddb132a89a524e1977dddfe46d0 (diff) | |
download | ffmpeg-6ef32ea5748e9dcc2c8d1c076607b8d15650a5fe.tar.gz |
Avoid OOM for invalid STCO / CO64 constructions.
The `entries` value is read directly from the stream and used to
allocate memory. This change clamps `entries` to however many are
possible in the remaining atom or file size (whichever is smallest).
Fixes https://crbug.com/1429357
Signed-off-by: Dale Curtis <dalecurtis@chromium.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Diffstat (limited to 'libavutil/aes.h')
0 files changed, 0 insertions, 0 deletions