2018-01-09 0:22 GMT+01:00 Jacob Trimble <[email protected]>:
> Updated with the new design for the side data and applied the realloc
> fix to avoid large allocations.
> + kid_count = avio_rb32(pb);
Missing check here ...
> + for (; i < kid_count && !pb->eof_reached; i++) {
> + unsigned int min_kid_count = FFMIN(FFMAX(i, 1024), kid_count);
> + key_ids = av_fast_realloc(info->key_ids, &alloc_size,
> + min_kid_count * sizeof(*key_ids));
... for an overflow here.
Thank you, Carl Eugen
_______________________________________________
ffmpeg-devel mailing list
[email protected]
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
