[FFmpeg-cvslog] matroskadec: fix crash when parsing invalid mkv

Wed May 6 17:00:28 CEST 2015

ffmpeg | branch: release/2.2 | Thomas Guillem <thomas at gllm.fr> | Fri Apr 10 19:04:51 2015 +0200| [bac0850fbf870d4354d0f68840c0b1c9c1425c4a] | committer: Anton Khirnov

matroskadec: fix crash when parsing invalid mkv

CC: libav-stable at libav.org

Signed-off-by: Anton Khirnov <anton at khirnov.net>
(cherry picked from commit b8d7f3186e86234f6255f5e8ee9e98573b4d9a6e)
Signed-off-by: Anton Khirnov <anton at khirnov.net>
(cherry picked from commit 3e1c9da38b849ce2982b516004370081fdd89ed0)
Signed-off-by: Anton Khirnov <anton at khirnov.net>

Conflicts:
	libavformat/matroskadec.c

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=bac0850fbf870d4354d0f68840c0b1c9c1425c4a
---

 libavformat/matroskadec.c |    8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/libavformat/matroskadec.c b/libavformat/matroskadec.c
index 22902e0..ad83af4 100644
--- a/libavformat/matroskadec.c
+++ b/libavformat/matroskadec.c
@@ -1412,8 +1412,12 @@ static int matroska_read_header(AVFormatContext *s)
     matroska->ctx = s;
 
     /* First read the EBML header. */
-    if (ebml_parse(matroska, ebml_syntax, &ebml)
-        || ebml.version > EBML_VERSION       || ebml.max_size > sizeof(uint64_t)
+    if (ebml_parse(matroska, ebml_syntax, &ebml) || !ebml.doctype) {
+        av_log(matroska->ctx, AV_LOG_ERROR, "EBML header parsing failed\n");
+        ebml_free(ebml_syntax, &ebml);
+        return AVERROR_INVALIDDATA;
+    }
+    if (ebml.version > EBML_VERSION       || ebml.max_size > sizeof(uint64_t)
         || ebml.id_length > sizeof(uint32_t) || ebml.doctype_version > 2) {
         av_log(matroska->ctx, AV_LOG_ERROR,
                "EBML header using unsupported features\n"

