[vlc-commits] demux: libmp4: fix heap overflow in stdp debug code (fix #12358)

Thu Oct 9 00:08:09 CEST 2014

vlc | branch: master | Francois Cartegnie <fcvlcdev at free.fr> | Wed Oct  8 15:17:55 2014 +0200| [2caa3ce4d4a50da0796d0e2bb7feebb53aed8f8f] | committer: Francois Cartegnie

demux: libmp4: fix heap overflow in stdp debug code (fix #12358)

> http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=2caa3ce4d4a50da0796d0e2bb7feebb53aed8f8f
---

 modules/demux/mp4/libmp4.c |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/modules/demux/mp4/libmp4.c b/modules/demux/mp4/libmp4.c
index 8e8a9ca..766939c 100644
--- a/modules/demux/mp4/libmp4.c
+++ b/modules/demux/mp4/libmp4.c
@@ -3224,7 +3224,8 @@ static int MP4_ReadBox_sdtp( stream_t *p_stream, MP4_Box_t *p_box )
 
 #ifdef MP4_VERBOSE
     msg_Dbg( p_stream, "i_sample_count is %"PRIu32"", i_sample_count );
-    msg_Dbg( p_stream,
+    if ( i_sample_count > 3 )
+        msg_Dbg( p_stream,
              "read box: \"sdtp\" head: %"PRIx8" %"PRIx8" %"PRIx8" %"PRIx8"",
                  p_sdtp->p_sample_table[0],
                  p_sdtp->p_sample_table[1],

