CVE-2017-14055

author Markus Koschany <apo@debian.org>

Sun, 30 Dec 2018 13:27:49 +0000 (14:27 +0100)

committer Sylvain Beucler <beuc@debian.org>

Thu, 5 Dec 2019 16:27:00 +0000 (16:27 +0000)
author Markus Koschany <apo@debian.org>
Sun, 30 Dec 2018 13:27:49 +0000 (14:27 +0100)
committer Sylvain Beucler <beuc@debian.org>
Thu, 5 Dec 2019 16:27:00 +0000 (16:27 +0000)
diff --git a/libavformat/mvdec.c b/libavformat/mvdec.c

index e21ec06b74a6e10a7ef8470f4d6659a78579da30..4c629930228d3414131e9c86d99cba4edf814110 100644 (file)
--- a/libavformat/mvdec.c
+++ b/libavformat/mvdec.c
@@ -327,6 +327,8 @@ static int mv_read_header(AVFormatContext *avctx)
              uint32_t pos   = avio_rb32(pb);
              uint32_t asize = avio_rb32(pb);
              uint32_t vsize = avio_rb32(pb);
+            if (avio_feof(pb))
+                return AVERROR_INVALIDDATA;
              avio_skip(pb, 8);
              av_add_index_entry(ast, pos, timestamp, asize, 0, AVINDEX_KEYFRAME);
              av_add_index_entry(vst, pos + asize, i, vsize, 0, AVINDEX_KEYFRAME);
author	Markus Koschany <apo@debian.org>
	Sun, 30 Dec 2018 13:27:49 +0000 (14:27 +0100)
committer	Sylvain Beucler <beuc@debian.org>
	Thu, 5 Dec 2019 16:27:00 +0000 (16:27 +0000)