RepoMirrors/ffmpeg
1
0
Fork 0
mirror of https://git.ffmpeg.org/ffmpeg.git synced 2024-12-12 18:25:03 +00:00
Code Issues Projects Releases Wiki Activity

avformat/cinedec: Fix DoS due to lack of eof check

Browse Source 
Fixes: loop.cine

Found-by: Xiaohei and Wangchu from Alibaba Security Team
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7e80b63ecd)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This commit is contained in:
孙浩 and 张洪亮(望初) 2017-08-25 01:15:27 +02:00 committed by Michael Niedermayer
parent e7dc286b16
commit 983f90ef18
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
libavformat/cinedec.c
View File

@ -267,8 +267,12 @@ static int cine_read_header(AVFormatContext *avctx)
/* parse image offsets */ /* parse image offsets */
avio_seek(pb, offImageOffsets, SEEK_SET); avio_seek(pb, offImageOffsets, SEEK_SET);
for (i = 0; i < st->duration; i++) for (i = 0; i < st->duration; i++) {
if (avio_feof(pb))
return AVERROR_INVALIDDATA;
av_add_index_entry(st, avio_rl64(pb), i, 0, 0, AVINDEX_KEYFRAME); av_add_index_entry(st, avio_rl64(pb), i, 0, 0, AVINDEX_KEYFRAME);
}
return 0; return 0;
} }