[FFmpeg-devel] [mov] Bail when invalid sample data is present.
Dale Curtis
dalecurtis at chromium.org
Tue Aug 1 02:42:20 EEST 2017
I'm not convinced my original patch catches all cases. So here's an updated
one which explicitly verifies the contract.
- dale
On Mon, Jul 31, 2017 at 2:40 PM, Dale Curtis <dalecurtis at chromium.org>
wrote:
> [mov] Bail when invalid sample data is present.
>
> ctts data in ffmpeg relies on the index entries array to be 1:1
> with samples... yet sc->sample_count can be read directly from
> the 'stsz' box and index entries are only generated if a chunk
> count has been read from 'stco' box.
>
> Ensure that if sc->sample_count > 0, sc->chunk_count is too.
>
> This should be applied on top of the ctts fixes in my previous patch.
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: sample_count_fix_v2.patch
Type: text/x-patch
Size: 2200 bytes
Desc: not available
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20170731/64846976/attachment.bin>
More information about the ffmpeg-devel
mailing list