[FFmpeg-devel] [PATCH] lavf/id3v2: fail read_apic on EOF reading mimetype
Michael Niedermayer
michael at niedermayer.cc
Mon Dec 17 19:41:15 EET 2018
On Sun, Dec 16, 2018 at 09:42:49PM +0100, Tomas Härdin wrote:
> fre 2018-12-14 klockan 13:44 -0800 skrev chcunningham:
> > avio_read may return EOF, leaving the mimetype array unitialized.
> > fail
> > early when this occurs to avoid using the array in an unitialized
> > state.
> > ---
> > libavformat/id3v2.c | 6 ++++--
> > 1 file changed, 4 insertions(+), 2 deletions(-)
> >
> > diff --git a/libavformat/id3v2.c b/libavformat/id3v2.c
> > index f7de26a1d8..5fe055b591 100644
> > --- a/libavformat/id3v2.c
> > +++ b/libavformat/id3v2.c
> > @@ -590,7 +590,7 @@ static void read_apic(AVFormatContext *s,
> > AVIOContext *pb, int taglen,
> > int isv34)
> > {
> > int enc, pic_type;
> > - char mimetype[64];
> > + char mimetype[64] = {0};
> > const CodecMime *mime = ff_id3v2_mime_tags;
> > enum AVCodecID id = AV_CODEC_ID_NONE;
> > ID3v2ExtraMetaAPIC *apic = NULL;
> > @@ -612,7 +612,9 @@ static void read_apic(AVFormatContext *s,
> > AVIOContext *pb, int taglen,
> > if (isv34) {
> > taglen -= avio_get_str(pb, taglen, mimetype,
> > sizeof(mimetype));
> > } else {
> > - avio_read(pb, mimetype, 3);
> > + if (avio_read(pb, mimetype, 3) < 0)
> > + goto fail;
> > +
>
> Looks good to me
will apply
thx
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
Concerning the gods, I have no means of knowing whether they exist or not
or of what sort they may be, because of the obscurity of the subject, and
the brevity of human life -- Protagoras
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: not available
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20181217/caf7d5a3/attachment.sig>
More information about the ffmpeg-devel
mailing list