[FFmpeg-devel] [PATCH] lavf/id3v2: fail read_apic on EOF reading mimetype
chcunningham
chcunningham at chromium.org
Thu Dec 13 21:28:26 EET 2018
avio_read may return EOF, leaving the mimetype array unitialized. fail
early when this occurs to avoid using the array in an unitialized state.
---
libavformat/id3v2.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/libavformat/id3v2.c b/libavformat/id3v2.c
index f7de26a1d8..f06b9a787e 100644
--- a/libavformat/id3v2.c
+++ b/libavformat/id3v2.c
@@ -609,10 +609,13 @@ static void read_apic(AVFormatContext *s, AVIOContext *pb, int taglen,
taglen--;
/* mimetype */
+ memset(mimetype, 0, sizeof(mimetype));
if (isv34) {
taglen -= avio_get_str(pb, taglen, mimetype, sizeof(mimetype));
} else {
- avio_read(pb, mimetype, 3);
+ if (avio_read(pb, mimetype, 3) < 0)
+ goto fail;
+
mimetype[3] = 0;
taglen -= 3;
}
--
2.20.0.rc2.403.gdbc3b29805-goog
More information about the ffmpeg-devel
mailing list