[FFmpeg-devel] [PATCH] avformat/mov: Fix reading saio/saiz for clear content.

Michael Niedermayer michael at niedermayer.cc
Sat Jun 9 21:23:07 EEST 2018


On Thu, Jun 07, 2018 at 01:42:51PM -0700, Jacob Trimble wrote:
> On Thu, Jun 7, 2018 at 10:38 AM Jacob Trimble <modmaker at google.com> wrote:
> >
> > Found by Chrome's ClusterFuzz: http://crbug.com/850389
> >
> > Signed-off-by: Jacob Trimble <modmaker at google.com>
> > ---
> >  libavformat/mov.c | 10 ++++++++++
> >  1 file changed, 10 insertions(+)
> >
> > diff --git a/libavformat/mov.c b/libavformat/mov.c
> > index 4ad19122b3..d07171b3f4 100644
> > --- a/libavformat/mov.c
> > +++ b/libavformat/mov.c
> > @@ -6041,6 +6041,11 @@ static int mov_read_saiz(MOVContext *c, AVIOContext *pb, MOVAtom atom)
> >      if (ret != 1)
> >          return ret;
> >
> > +    if (!sc->cenc.default_encrypted_sample) {
> > +        // Didn't see a 'schm' or 'tenc' atom, so it isn't encrypted.
> > +        return 0;
> > +    }
> > +
> >      if (encryption_index->nb_encrypted_samples) {
> >          // This can happen if we have both saio/saiz and senc atoms.
> >          av_log(c->fc, AV_LOG_DEBUG, "Ignoring duplicate encryption info in saiz\n");
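
Review bot: the new early return in mov_read_saiz drops the atom without any log output, while the duplicate-info branch directly below it reports at AV_LOG_DEBUG. A matching av_log call at the same level before `return 0;` would make skipped saiz atoms visible when triaging files like the fuzzer-found one. The comment also speaks of not having seen 'schm' or 'tenc', but the condition only tests `sc->cenc.default_encrypted_sample`, so the comment should say how that field relates to those atoms.
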
> > @@ -6095,6 +6100,11 @@ static int mov_read_saio(MOVContext *c, AVIOContext *pb, MOVAtom atom)
> >      if (ret != 1)
> >          return ret;
> >
> > +    if (!sc->cenc.default_encrypted_sample) {
> > +        // Didn't see a 'schm' or 'tenc' atom, so it isn't encrypted.
> > +        return 0;
> > +    }
> > +
> >      if (encryption_index->nb_encrypted_samples) {
> >          // This can happen if we have both saio/saiz and senc atoms.
> >          av_log(c->fc, AV_LOG_DEBUG, "Ignoring duplicate encryption info in saio\n");
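
Review bot: the guard added in mov_read_saio is line for line the same as the one in mov_read_saiz, comment included, and both sit directly above the same `encryption_index->nb_encrypted_samples` duplicate check. A small shared helper that takes the atom name for the log message would keep the two readers from drifting apart if the clear-content rule changes later.
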
> > --
> > 2.17.1.1185.g55be947832-goog
> >
> 
> Based on comments downstream, I've added error checks for the
> encrypted type of saio/saiz atoms.

>  mov.c |   71 +++++++++++++++++++++++++++++++++++++++++++++++++++---------------
>  1 file changed, 55 insertions(+), 16 deletions(-)
> f0cb531170be23bb7f754c99edab172f00e79d6e  0001-avformat-mov-Fix-reading-saio-saiz-for-clear-content-v2.patch
> From e4185c0fd08a1baedcf81935ff0f5ac9a97eba4e Mon Sep 17 00:00:00 2001
> From: Jacob Trimble <modmaker at google.com>
> Date: Thu, 7 Jun 2018 10:29:33 -0700
> Subject: [PATCH] avformat/mov: Fix reading saio/saiz for clear content.
> 
> This validates that the common encryption saio/saiz atoms only appear
> when the data is actually encrypted.  This also ignores those atoms
> in clear content.
> 
> Found by Chrome's ClusterFuzz: http://crbug.com/850389
> 
> Signed-off-by: Jacob Trimble <modmaker at google.com>

will apply

btw, the 2 changed code pieces look a bit as if they could be factored into a
single function

thx

[...]

-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

"You are 36 times more likely to die in a bathtub than at the hands of a
terrorist. Also, you are 2.5 times more likely to become a president and
2 times more likely to become an astronaut, than to die in a terrorist
attack." -- Thoughty2
