[FFmpeg-devel] [PATCH]lavf/mov: Fix an out-of-bound-read in mov_read_mac_string().
Carl Eugen Hoyos
ceffmpeg at gmail.com
Tue Nov 15 01:41:41 EET 2016
2016-11-14 23:26 GMT+01:00 Andreas Cadhalpun <andreas.cadhalpun at googlemail.com>:
> On 14.11.2016 14:56, Carl Eugen Hoyos wrote:
>> I believe attached patch fixes an out-of-bound-read in mov_read_mac_string()
>> if p<end is false and if the read character is < 0x80, see bug 989.
>>
>> Please comment, Carl Eugen
>
> This patch is not necessary, the issue was fixed with commit 437f5daf0.
> If (p < end) is false, the 'else if (p < end)' branch will not be entered.
Sorry for the noise!
>> --- a/libavformat/mov.c
>> +++ b/libavformat/mov.c
>> @@ -160,7 +160,7 @@ static int mov_read_mac_string(MOVContext *c, AVIOContext *pb, int len,
>> uint8_t t, c = avio_r8(pb);
>
> However, reusing the variable name of the MOVContext as uint8_t looks strange.
Maybe that's what irritated me;-)
Thank you, Carl Eugen
More information about the ffmpeg-devel
mailing list