Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
demux: mp4: fix buffer overflow in parsing of string boxes.
We ensure that pbox->i_size is never smaller than 8 to avoid an integer underflow in the third argument of the subsequent call to memcpy. We also make sure no truncation occurs when passing values derived from the 64 bit integer p_box->i_size to arguments of malloc and memcpy that may be 32 bit integers on 32 bit platforms. Signed-off-by: Jean-Baptiste Kempf <jb@videolan.org>
- Loading branch information