qt-faststart: add validation on ftyp atom size

avoid trying to allocate an unreasonably sized buffer on corrupt files Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
author: erankor <eran.kornblau@kaltura.com> 2018-06-13 11:48:20 +0300
committer: Michael Niedermayer <michael@niedermayer.cc> 2018-06-13 21:55:19 +0200
commit: ee09ffbfd2f744e796d6289523f396d830c025a3 (patch)
tree: dba445b227fb4ee2c75cb64a0dfa1551a8b0fb1c /tools/qt-faststart.c
parent: 2fc108f60f98cd00813418a8754a46476b404a3c (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/tools/qt-faststart.c b/tools/qt-faststart.c
index d0ae7245f3..9446c11f80 100644
--- a/tools/qt-faststart.c
+++ b/tools/qt-faststart.c
@@ -84,6 +84,7 @@
 
 #define ATOM_PREAMBLE_SIZE    8
 #define COPY_BUFFER_SIZE   33554432
+#define MAX_FTYP_ATOM_SIZE 1048576
 
 int main(int argc, char *argv[])
 {
@@ -133,6 +134,11 @@ int main(int argc, char *argv[])
 
         /* keep ftyp atom */
         if (atom_type == FTYP_ATOM) {
+            if (atom_size > MAX_FTYP_ATOM_SIZE) {
+                printf("ftyp atom size %"PRIu64" too big\n",
+                       atom_size);
+                goto error_out;
+            }
             ftyp_atom_size = atom_size;
             free(ftyp_atom);
             ftyp_atom = malloc(ftyp_atom_size);
author	erankor <eran.kornblau@kaltura.com>	2018-06-13 11:48:20 +0300
committer	Michael Niedermayer <michael@niedermayer.cc>	2018-06-13 21:55:19 +0200
commit	ee09ffbfd2f744e796d6289523f396d830c025a3 (patch)
tree	dba445b227fb4ee2c75cb64a0dfa1551a8b0fb1c /tools/qt-faststart.c
parent	2fc108f60f98cd00813418a8754a46476b404a3c (diff)