github-mirrors/FFmpeg
1
0
Fork 0
mirror of https://mirror.skon.top/https://github.com/FFmpeg/FFmpeg synced 2026-05-01 06:13:08 +08:00
Code Issues Packages Projects Releases Wiki Activity

avformat/mov: check extradata in mov_read_dops()

Browse Source 
We do want to limit an attackers ability to change once parsed structures.
So once extradata (or another array) is finished and possibly has been used we do not
want to allow an attacker to change it.

This reduces the attack surface

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This commit is contained in:
Michael Niedermayer
2026-04-29 01:49:59 +02:00
committed by michaelni
parent 53cd2c9f2a
commit 7c67748537
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
libavformat/mov.c
View File

@@ -8573,7 +8573,7 @@ static int mov_read_dops(MOVContext *c, AVIOContext *pb, MOVAtom atom)
return 0;
st = c->fc->streams[c->fc->nb_streams-1];
if ((uint64_t)atom.size > (1<<30) || atom.size < 11)
if ((uint64_t)atom.size > (1<<30) || atom.size < 11 || st->codecpar->extradata)
return AVERROR_INVALIDDATA;
/* Check OpusSpecificBox version. */