[FFmpeg-devel] [mov] Bail when invalid sample data is present.
dalecurtis at chromium.org
Tue Aug 1 02:42:20 EEST 2017
I'm not convinced my original patch catches all cases. So here's an updated
one which explicitly verifies the contract.
On Mon, Jul 31, 2017 at 2:40 PM, Dale Curtis <dalecurtis at chromium.org>
> [mov] Bail when invalid sample data is present.
> ctts data in ffmpeg relies on the index entries array to be 1:1
> with samples... yet sc->sample_count can be read directly from
> the 'stsz' box and index entries are only generated if a chunk
> count has been read from 'stco' box.
> Ensure that if sc->sample_count > 0, sc->chunk_count is too.
> This should be applied on top of the ctts fixes in my previous patch.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 2200 bytes
Desc: not available
More information about the ffmpeg-devel