[FFmpeg-cvslog] r23168 - trunk/libavformat/matroskadec.c

conrad subversion
Tue May 18 23:21:32 CEST 2010


Author: conrad
Date: Tue May 18 23:21:32 2010
New Revision: 23168

Log:
matroskadec: Fix buffer overread in matroska_ebmlnum_uint

Based on a Chromium patch

Modified:
   trunk/libavformat/matroskadec.c

Modified: trunk/libavformat/matroskadec.c
==============================================================================
--- trunk/libavformat/matroskadec.c	Tue May 18 23:21:28 2010	(r23167)
+++ trunk/libavformat/matroskadec.c	Tue May 18 23:21:32 2010	(r23168)
@@ -679,7 +679,7 @@ static int matroska_ebmlnum_uint(Matrosk
 {
     ByteIOContext pb;
     init_put_byte(&pb, data, size, 0, NULL, NULL, NULL, NULL);
-    return ebml_read_num(matroska, &pb, 8, num);
+    return ebml_read_num(matroska, &pb, FFMIN(size, 8), num);
 }
 
 /*



More information about the ffmpeg-cvslog mailing list