[FFmpeg-trac] #9695(avformat:closed): Crash in libavformat/mov.c while playing a simple mp4 file
FFmpeg
trac at avcodec.org
Sun Jul 17 20:55:41 EEST 2022
#9695: Crash in libavformat/mov.c while playing a simple mp4 file
------------------------------------+------------------------------------
Reporter: dlin | Owner: (none)
Type: defect | Status: closed
Priority: normal | Component: avformat
Version: git-master | Resolution: invalid
Keywords: mov.c | Blocked By:
Blocking: | Reproduced by developer: 1
Analyzed by developer: 1 |
------------------------------------+------------------------------------
Changes (by Marton Balint):
* status: new => closed
* resolution: => invalid
Comment:
This is not a crash but only read of uninitialized value.
This is the allocated data:
{{{
buf = av_malloc(num_bytes+AV_INPUT_BUFFER_PADDING_SIZE);
}}}
Only num_bytes are filled in the buffer, but the bitstream reader used on
buf is allowed to overread, that is why extra padding is allocated. So the
code is safe and uninitialized value is ignored later on.
--
Ticket URL: <https://trac.ffmpeg.org/ticket/9695#comment:1>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker
More information about the FFmpeg-trac
mailing list