[bTSstream-devel] [Git][videolan/bitstream][master] Append size check in scte35_validate.

[Christophe Massiot]

Christophe Massiot pushed to branch master at VideoLAN / bitstream


Commits:
99481459 by Nikita Egorov at 2018-07-14T18:51:00+02:00
Append size check in scte35_validate.

In function scte35_validate psi_check_crc call execute without data
size check. The syntax flag in scte35 PSI by definition is false so
psi_validate will be true. In such case scte35_validate may overflow on
zero length PSI size.

- - - - -


1 changed file:

- scte/35.h


Changes:

=====================================
scte/35.h
=====================================
--- a/scte/35.h
+++ b/scte/35.h
@@ -670,7 +670,8 @@ static inline bool scte35_private_validate(const uint8_t *p_scte35)
 static inline bool scte35_validate(const uint8_t *p_scte35)
 {
     if (psi_get_syntax(p_scte35) ||
-        psi_get_tableid(p_scte35) != SCTE35_TABLE_ID)
+        psi_get_tableid(p_scte35) != SCTE35_TABLE_ID ||
+        psi_get_length(p_scte35) <  SCTE35_HEADER2_SIZE + PSI_CRC_SIZE)
         return false;
 
     if (!psi_check_crc(p_scte35))



View it on GitLab: https://code.videolan.org/videolan/bitstream/commit/994814594ab0c51adbd5db2b7c5423bb6d940a37

-- 
View it on GitLab: https://code.videolan.org/videolan/bitstream/commit/994814594ab0c51adbd5db2b7c5423bb6d940a37
You're receiving this email because of your account on code.videolan.org.