Bug 1216748 - p3. Ensure 'covr' data size cannot create underflow - r=rillian

Gerald Squelart 2015-11-11 12:36:05 +01:00
parent ca34be4966
commit c48a53f547


@ -2024,12 +2024,15 @@ status_t MPEG4Extractor::parseChunk(off64_t *offset, int depth) {
if (mFileMetaData != NULL) { if (mFileMetaData != NULL) {
ALOGV("chunk_data_size = %lld and data_offset = %lld", ALOGV("chunk_data_size = %lld and data_offset = %lld",
chunk_data_size, data_offset); chunk_data_size, data_offset);
const int kSkipBytesOfDataBox = 16;
if (chunk_data_size <= kSkipBytesOfDataBox) {
return ERROR_MALFORMED;
}
sp<ABuffer> buffer = new ABuffer(chunk_data_size + 1); sp<ABuffer> buffer = new ABuffer(chunk_data_size + 1);
if (mDataSource->readAt( if (mDataSource->readAt(
data_offset, buffer->data(), chunk_data_size) != (ssize_t)chunk_data_size) { data_offset, buffer->data(), chunk_data_size) != (ssize_t)chunk_data_size) {
return ERROR_IO; return ERROR_IO;
} }
const int kSkipBytesOfDataBox = 16;
mFileMetaData->setData( mFileMetaData->setData(
kKeyAlbumArt, MetaData::TYPE_NONE, kKeyAlbumArt, MetaData::TYPE_NONE,
buffer->data() + kSkipBytesOfDataBox, chunk_data_size - kSkipBytesOfDataBox); buffer->data() + kSkipBytesOfDataBox, chunk_data_size - kSkipBytesOfDataBox);
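Review bot: The added guard at the top of this branch bounds `chunk_data_size` only from below, so a file-supplied size still reaches `new ABuffer(chunk_data_size + 1)` with no upper limit. The value is logged with `%lld`, which suggests a 64-bit type; if the ABuffer constructor takes a `size_t` (not visible in this hunk), a large value can wrap or truncate on 32-bit builds, leaving the buffer smaller than the `readAt` length. I would extend the check to `if (chunk_data_size <= kSkipBytesOfDataBox || (uint64_t)chunk_data_size >= SIZE_MAX - 1) return ERROR_MALFORMED;` and, if the allocation can fail without throwing, also reject a null `buffer->data()` before the read. A one-line comment on `kSkipBytesOfDataBox` saying what the 16 skipped bytes are would help the next reader confirm the bound. The body of `parseChunk` begins and continues outside this hunk, so an earlier cap on the size may exist that is not shown here.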