RepoMirrors
/
mpv
mirror of https://github.com/mpv-player/mpv
1
0
Fork 0
Code Issues Releases Wiki Activity

ebml: warn if there are too many subelements 

Seems like a good idea.
This commit is contained in:
wm4 2014-09-04 19:20:30 +02:00
parent d9aaf78530
commit c15957b43a
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
demux/ebml.c
View File

@ -420,12 +420,16 @@ static void ebml_parse_element(struct ebml_parse_ctx *ctx, void *target,
if (num_elems[i] && type->fields[i].multiple) {
char *ptr = s + type->fields[i].offset;
switch (type->fields[i].desc->type) {
case EBML_TYPE_SUBELEMENTS:
num_elems[i] = FFMIN(num_elems[i],
1000000000 / type->fields[i].desc->size);
case EBML_TYPE_SUBELEMENTS: {
size_t max = 1000000000 / type->fields[i].desc->size;
if (num_elems[i] > max) {
MP_ERR(ctx, "Too many subelements.\n");
num_elems[i] = max;
}
int sz = num_elems[i] * type->fields[i].desc->size;
*(generic_struct **) ptr = talloc_zero_size(ctx->talloc_ctx, sz);
break;
}
case EBML_TYPE_UINT:
*(uint64_t **) ptr = talloc_zero_array(ctx->talloc_ctx,
uint64_t, num_elems[i]);