virtualenv/FFmpeg
1
0
Fork 0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-12-23 12:43:46 +02:00
Code Issues Releases Activity

avformat/rtmppkt: Simplify and deobfuscate amf_tag_skip() slightly

Browse Source 
Found while reviewing: CID1530313 Untrusted loop bound

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit cedbef0394)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This commit is contained in:
Michael Niedermayer 2024-06-07 23:05:47 +02:00
parent 5af1fe5693
commit f6b059008f
No known key found for this signature in database
GPG Key ID: B18E8928B3948D64
1 changed files with 2 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
libavformat/rtmppkt.c
View File

@ -441,7 +441,6 @@ static int amf_tag_skip(GetByteContext *gb)
{
AMFDataType type;
unsigned nb = -1;
int parse_key = 1;
if (bytestream2_get_bytes_left(gb) < 1)
return -1;
@ -466,13 +465,12 @@ static int amf_tag_skip(GetByteContext *gb)
bytestream2_skip(gb, 10);
return 0;
case AMF_DATA_TYPE_ARRAY:
parse_key = 0;
case AMF_DATA_TYPE_MIXEDARRAY:
nb = bytestream2_get_be32(gb);
case AMF_DATA_TYPE_OBJECT:
while (nb-- > 0 || type != AMF_DATA_TYPE_ARRAY) {
while (type != AMF_DATA_TYPE_ARRAY || nb-- > 0) {
int t;
if (parse_key) {
if (type != AMF_DATA_TYPE_ARRAY) {
int size = bytestream2_get_be16(gb);
if (!size) {
bytestream2_get_byte(gb);