oma: correctly mark and decrypt partial packets

Incomplete crypted files would lead to a read after buffer boundary otherwise. Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org
author: Luca Barbato <lu_zero@gentoo.org> 2013-04-17 21:19:23 +0200
committer: Luca Barbato <lu_zero@gentoo.org> 2013-07-28 22:54:55 +0200
commit: 2219e27b5b17d146e4ab71a3ed86dfc013fb7a93 (patch)
tree: 2f5c0bd6ad72738fc4c8c8a3ff87aa4af98e8c08 /libavformat/omadec.c
parent: 9d0b45ade864f3d2ccd8610149fe1fff53c4e937 (diff)
1 files changed, 8 insertions, 2 deletions
diff --git a/libavformat/omadec.c b/libavformat/omadec.c
index 5bfaea5cf0..1d7fc91819 100644
--- a/libavformat/omadec.c
+++ b/libavformat/omadec.c
@@ -405,6 +405,9 @@ static int oma_read_packet(AVFormatContext *s, AVPacket *pkt)
     int packet_size = s->streams[0]->codec->block_align;
     int ret = av_get_packet(s->pb, pkt, packet_size);
 
+    if (ret < packet_size)
+        pkt->flags |= AV_PKT_FLAG_CORRUPT;
+
     if (ret < 0)
         return ret;
     if (!ret)
@@ -415,8 +418,11 @@ static int oma_read_packet(AVFormatContext *s, AVPacket *pkt)
     if (oc->encrypted) {
         /* previous unencrypted block saved in IV for
          * the next packet (CBC mode) */
-        av_des_crypt(&oc->av_des, pkt->data, pkt->data,
-                     (packet_size >> 3), oc->iv, 1);
+        if (ret == packet_size)
+            av_des_crypt(&oc->av_des, pkt->data, pkt->data,
+                         (packet_size >> 3), oc->iv, 1);
+        else
+            memset(oc->iv, 0, 8);
     }
 
     return ret;
author	Luca Barbato <lu_zero@gentoo.org>	2013-04-17 21:19:23 +0200
committer	Luca Barbato <lu_zero@gentoo.org>	2013-07-28 22:54:55 +0200
commit	2219e27b5b17d146e4ab71a3ed86dfc013fb7a93 (patch)
tree	2f5c0bd6ad72738fc4c8c8a3ff87aa4af98e8c08 /libavformat/omadec.c
parent	9d0b45ade864f3d2ccd8610149fe1fff53c4e937 (diff)