virtualenv/FFmpeg
1
0
Fork 0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-11-26 19:01:44 +02:00
Code Issues Releases Activity

avformat/mpegts: use a padded buffer in read_sl_header()

Browse Source 
Fixes overread
Fixes: asan_heap-oob_84f75d_8_asan_heap-oob_a2a00a_341_mbc.ts

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
This commit is contained in:
Michael Niedermayer 2014-10-04 05:14:08 +02:00
parent c3d7f00ee3
commit 27f6da2921
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
libavformat/mpegts.c
View File

@ -858,8 +858,12 @@ static int read_sl_header(PESContext *pes, SLConfigDescr *sl,
int padding_flag = 0, padding_bits = 0, inst_bitrate_flag = 0;
int dts_flag = -1, cts_flag = -1;
int64_t dts = AV_NOPTS_VALUE, cts = AV_NOPTS_VALUE;
uint8_t buf_padded[128 + FF_INPUT_BUFFER_PADDING_SIZE];
int buf_padded_size = FFMIN(buf_size, sizeof(buf_padded) - FF_INPUT_BUFFER_PADDING_SIZE);
init_get_bits(&gb, buf, buf_size * 8);
memcpy(buf_padded, buf, buf_padded_size);
init_get_bits(&gb, buf_padded, buf_padded_size * 8);
if (sl->use_au_start)
au_start_flag = get_bits1(&gb);