Home Explore Help
Sign In
SMusatov
/
ffmpeg
mirror of https://git.ffmpeg.org/ffmpeg.git
1
0
Fork 0
Files Wiki
Browse Source

qt-faststart: add validation on ftyp atom size

avoid trying to allocate an unreasonably sized buffer on corrupt files

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
erankor 6 years ago
parent
2fc108f60f
commit
ee09ffbfd2
1 changed files with 6 additions and 0 deletions
Split View Show Diff Stats
  1. 6 0
      tools/qt-faststart.c

+ 6 - 0
tools/qt-faststart.c
View File 

@@ -84,6 +84,7 @@
 
 
 #define ATOM_PREAMBLE_SIZE    8
 
 #define COPY_BUFFER_SIZE   33554432
 
+#define MAX_FTYP_ATOM_SIZE 1048576
 
 
 int main(int argc, char *argv[])
 
 {
 
@@ -133,6 +134,11 @@ int main(int argc, char *argv[])
 
 
         /* keep ftyp atom */
 
         if (atom_type == FTYP_ATOM) {
 
+            if (atom_size > MAX_FTYP_ATOM_SIZE) {
 
+                printf("ftyp atom size %"PRIu64" too big\n",
 
+                       atom_size);
 
+                goto error_out;
 
+            }
 
             ftyp_atom_size = atom_size;
 
             free(ftyp_atom);
 
             ftyp_atom = malloc(ftyp_atom_size);