-
Notifications
You must be signed in to change notification settings - Fork 114
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
potential undefined behavior in OpenMP4Source() #102
Comments
From the Quicktime spec, one of the fields can be -1. From the Quicktime spec "If this field is set to –1, it is an empty edit." Safer to test of 0xffffffff. |
Some debugging information: the gpmf-parser/demo/GPMF_mp4reader.c Lines 359 to 361 in 98aff12
In my opinion, value checks would have to be applied before the swapping to prevent the undefined behaviour from being reachable. Also, note that the offset calculation can potentially overflow: gpmf-parser/demo/GPMF_mp4reader.c Line 364 in 98aff12
|
Good feedback, fixed in the current develop branch |
In
OpenMP4Source()
, the following three variables are defined as signed 32 bit integers:gpmf-parser/demo/GPMF_mp4reader.c
Lines 350 to 352 in 98aff12
However, it appears that
fread()
and values are shifted with<<24
via theBYTESWAP32
macroThis can lead to undefined behaviour. Switching the
int32_t
touint32_t
might be a solution, but this should be checked by someone that is more familiar with the code.The text was updated successfully, but these errors were encountered: