[vlc-devel] [PATCH] demux: mp4: fix crashes with VPx
Tristan Matthews
tmatth at videolan.org
Thu Sep 22 13:17:41 CEST 2016
Reported by Vittorio Giovara.
---
modules/demux/mp4/essetup.c | 1 +
modules/demux/mp4/libmp4.c | 4 ++++
2 files changed, 5 insertions(+)
diff --git a/modules/demux/mp4/essetup.c b/modules/demux/mp4/essetup.c
index 446bf84..f299fd1 100644
--- a/modules/demux/mp4/essetup.c
+++ b/modules/demux/mp4/essetup.c
@@ -601,6 +601,7 @@ int SetupVideoES( demux_t *p_demux, mp4_track_t *p_track, MP4_Box_t *p_sample )
p_track->fmt.video.i_bits_per_pixel = p_data->i_bit_depth;
p_track->fmt.i_extra = p_data->i_codec_init_datasize;
+ p_track->fmt.p_extra = malloc( p_track->fmt.i_extra );
memcpy( p_track->fmt.p_extra, p_data->p_codec_init_data, p_data->i_codec_init_datasize );
}
}
diff --git a/modules/demux/mp4/libmp4.c b/modules/demux/mp4/libmp4.c
index 6a36b7f..495eb8c 100644
--- a/modules/demux/mp4/libmp4.c
+++ b/modules/demux/mp4/libmp4.c
@@ -1650,6 +1650,10 @@ static int MP4_ReadBox_vpcC( stream_t *p_stream, MP4_Box_t *p_box )
MP4_GET2BYTES( p_vpcC->i_codec_init_datasize );
if( p_vpcC->i_codec_init_datasize > i_read )
p_vpcC->i_codec_init_datasize = i_read;
+ p_vpcC->p_codec_init_data = malloc( p_vpcC->i_codec_init_datasize );
+ if( !p_vpcC->p_codec_init_data )
+ MP4_READBOX_EXIT( 0 );
+
memcpy( p_vpcC->p_codec_init_data, p_peek, i_read );
MP4_READBOX_EXIT( 1 );
--
2.9.3
More information about the vlc-devel
mailing list