[FFmpeg-devel] [PATCH] latmenc: validate extradata size.

Reimar Döffinger Reimar.Doeffinger at gmx.de
Wed Apr 11 21:39:02 CEST 2012

On Wed, Apr 11, 2012 at 08:22:59PM +0100, Kieran Kunhya wrote:
> Imho should be checked somewhere else since broken extradata sizes
> should be sanity check for all types of 14496-3.

What do you mean by "somewhere else" exactly?
Also I have no real reason to believe that there is any
specific size that is "broken", I see no reason why the extradata
of an AAC stream on mov couldn't be 50 MB and still be
"valid" even if silly.
The only reasons to check it here are
a) the format has a rather strict limit on the overall data size, so
this might allow catching some things that are sure to fail early on
b) far more importantly, the current code is potentially exploitable
and that is the least effort way to plug the hole I can see.

More information about the ffmpeg-devel mailing list