[vlc-commits] [Git][videolan/vlc][master] 2 commits: contrib: ebml: avoid reading more than 2^32 at once

Steve Lhomme (@robUx4) gitlab at videolan.org
Thu May 7 13:43:36 UTC 2026



Steve Lhomme pushed to branch master at VideoLAN / VLC


Commits:
c79852da by Steve Lhomme at 2026-05-07T12:48:37+00:00
contrib: ebml: avoid reading more than 2^32 at once

Backport for a patch on the master branch.

- - - - -
b91572e7 by Steve Lhomme at 2026-05-07T12:48:37+00:00
demux: mkv: fix vlc_stream_Read() return checks

It returns a ssize_t, not an int. Once the sign has been checked we can cast it to size_t.

It can only be cast to uint32 if the original size was not larger than a uint32.

- - - - -


3 changed files:

- + contrib/src/ebml/0001-IOCallback-avoid-reading-more-than-2-32-at-once.patch
- contrib/src/ebml/rules.mak
- modules/demux/mkv/stream_io_callback.cpp


Changes:

=====================================
contrib/src/ebml/0001-IOCallback-avoid-reading-more-than-2-32-at-once.patch
=====================================
@@ -0,0 +1,51 @@
+From 1a8c6d1e2518fe19d1d1d206b6df03470abb8e09 Mon Sep 17 00:00:00 2001
+From: Steve Lhomme <slhomme at matroska.org>
+Date: Sun, 2 Oct 2022 09:24:27 +0200
+Subject: [PATCH] IOCallback: avoid reading more than 2^32 at once
+
+In practice it should never happen as 2^32+1 buffers are not possible on any
+known platform. But better safe than sorry. Or memory mapped files could reach
+this code ?
+
+(cherry picked from commit 40b4797829f6a35c1ea0a160ba7feed7443acb7d)
+---
+ src/IOCallback.cpp | 16 ++++++++++++----
+ 1 file changed, 12 insertions(+), 4 deletions(-)
+
+diff --git a/src/IOCallback.cpp b/src/IOCallback.cpp
+index 13ed635..4fbaeee 100644
+--- a/src/IOCallback.cpp
++++ b/src/IOCallback.cpp
+@@ -33,6 +33,7 @@
+   \author Moritz Bunkus <moritz @ bunkus.org>
+ */
+ 
++#include <limits>
+ #include <sstream>
+ #include <stdexcept>
+ 
+@@ -64,10 +65,17 @@ void IOCallback::readFully(void*Buffer,size_t Size)
+   if(Buffer == nullptr)
+     throw;
+ 
+-  if(read(Buffer,Size) != Size) {
+-    stringstream Msg;
+-    Msg<<"EOF in readFully("<<Buffer<<","<<Size<<")";
+-    throw runtime_error(Msg.str());
++  char *readBuf = static_cast<char *>(Buffer);
++  uint32_t readSize = static_cast<uint32_t>(std::min<size_t>(std::numeric_limits<uint32>::max(), Size));
++  while (readSize != 0) {
++    if(read(readBuf,readSize) != readSize) {
++      stringstream Msg;
++      Msg<<"EOF in readFully("<<Buffer<<","<<Size<<")";
++      throw runtime_error(Msg.str());
++    }
++    Size -= readSize;
++    readBuf += readSize;
++    readSize = static_cast<uint32_t>(std::min<size_t>(std::numeric_limits<uint32>::max(), Size));
+   }
+ }
+ 
+-- 
+2.52.0.windows.1
+
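Review bot: in the new loop in readFully(), the EOF message still prints Size, but Size is decremented on every pass, so a failure on any chunk after the first reports the remaining byte count next to the original Buffer pointer instead of the size the caller requested. Keep the requested size in a const local and print that, or print readBuf and readSize for the failing chunk. Two smaller points: the patch adds `#include <limits>` but also calls std::min, which is declared in <algorithm> and is not among the includes visible in the context lines; and readSize is declared uint32_t while the limit comes from std::numeric_limits<uint32>, so one spelling should be used for both. The clamp expression is written twice and could be computed once at the top of the loop.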


=====================================
contrib/src/ebml/rules.mak
=====================================
@@ -14,6 +14,7 @@ $(TARBALLS)/libebml-$(EBML_VERSION).tar.xz:
 
 ebml: libebml-$(EBML_VERSION).tar.xz .sum-ebml
 	$(UNPACK)
+	$(APPLY) $(SRC)/ebml/0001-IOCallback-avoid-reading-more-than-2-32-at-once.patch
 	$(APPLY) $(SRC)/ebml/0001-EbmlString-ReadFully-use-automatic-memory-management.patch
 	$(APPLY) $(SRC)/ebml/0002-EbmlUnicodeString-use-std-string-when-reading-instea.patch
 	$(APPLY) $(SRC)/ebml/0001-EbmlMaster-fix-leak-when-reading-upper-level-element.patch
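Review bot: the added $(APPLY) line is placed ahead of the existing patches, and three of the four entries now carry the 0001- prefix, so neither position nor prefix tells a reader which order the patches were added in or whether the order matters. If the new patch is independent of the others, appending it after the existing entries keeps the list chronological. A one-line comment naming the upstream libebml commit it was cherry-picked from would also make it obvious when the patch can be dropped on an EBML_VERSION bump.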


=====================================
modules/demux/mkv/stream_io_callback.cpp
=====================================
@@ -36,11 +36,13 @@ vlc_stream_io_callback::vlc_stream_io_callback( stream_t *s_, bool b_owner_ )
 
 uint32 vlc_stream_io_callback::read( void *p_buffer, size_t i_size )
 {
-    if( i_size <= 0 || mb_eof )
+    assert( i_size <= std::numeric_limits<uint32>::max() );
+
+    if( i_size == 0 || mb_eof )
         return 0;
 
-    int i_ret = vlc_stream_Read( s, p_buffer, i_size );
-    return i_ret < 0 || i_ret < i_size ? 0 : i_ret;
+    ssize_t i_ret = vlc_stream_Read( s, p_buffer, i_size );
+    return i_ret < 0 || static_cast<size_t>(i_ret) < i_size ? 0 : static_cast<uint32>(i_ret);
 }
 
 void vlc_stream_io_callback::setFilePointer(int64_t i_offset, seek_mode mode )
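Review bot: the assert on i_size at the top of read() is compiled out when NDEBUG is defined, and the return line then applies static_cast<uint32>(i_ret) to a value that equals i_size on a full read, so an oversized request would succeed and report a truncated byte count to the caller. The commit message states the cast is only valid when the requested size fits in a uint32, so that condition should be enforced at runtime as well, for example by returning 0 or clamping i_size before the vlc_stream_Read() call. Also, this is the only hunk for the file and it adds no include, so assert and std::numeric_limits depend on <cassert> and <limits> arriving through other headers; including them explicitly would be safer.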



View it on GitLab: https://code.videolan.org/videolan/vlc/-/compare/d8f3c77caaf827e00f3569b9d8383f62c9a88d8a...b91572e7424a472bbf80d3ad5025fc20ca3fbd1d
