RepoMirrors
/
ffmpeg
mirror of https://git.ffmpeg.org/ffmpeg.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

http: Check for negative chunk sizes 

A negative chunk size is illegal and would end up used as
length for memcpy, where it would lead to memory accesses
out of bounds.

Found-by: Paul Cher <paulcher@icloud.com>

CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
This commit is contained in:
Martin Storsjö 2016-12-15 10:24:20 +02:00
parent 0b77a59336
commit 1316446779
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
libavformat/http.c
View File

@ -784,8 +784,9 @@ static int http_read_stream(URLContext *h, uint8_t *buf, int size)
av_log(NULL, AV_LOG_TRACE, "Chunked encoding data size: %"PRId64"'\n",
s->chunksize);
if (!s->chunksize)
if (s->chunksize < 0)
return AVERROR_INVALIDDATA;
else if (!s->chunksize)
return 0;
break;
}