qtdemux: Add out-of-bound check

author Edward Hervey <edward@centricular.com>

Wed, 12 Apr 2017 09:03:24 +0000 (11:03 +0200)

committer Edward Hervey <bilboed@bilboed.com>

Wed, 12 Apr 2017 09:03:24 +0000 (11:03 +0200)
author Edward Hervey <edward@centricular.com>
Wed, 12 Apr 2017 09:03:24 +0000 (11:03 +0200)
committer Edward Hervey <bilboed@bilboed.com>
Wed, 12 Apr 2017 09:03:24 +0000 (11:03 +0200)
diff --git a/gst/isomp4/qtdemux.c b/gst/isomp4/qtdemux.c

index d7fdae822ade6c73b400d26ddcf2a5d6576b6e90..64277f1449711f9f240620d37f5ff8f241f55b4a 100644 (file)
--- a/gst/isomp4/qtdemux.c
+++ b/gst/isomp4/qtdemux.c
@@ -7964,8 +7964,16 @@ gst_qtdemux_stream_check_and_change_stsd_index (GstQTDemux * demux,
  
    GST_DEBUG_OBJECT (stream->pad, "Changing stsd index from '%u' to '%u'",
        stream->cur_stsd_entry_index, stream->stsd_sample_description_id);
-  stream->cur_stsd_entry_index = stream->stsd_sample_description_id;
-  stream->new_caps = TRUE;
+  if (G_UNLIKELY (stream->stsd_sample_description_id >=
+          stream->stsd_entries_length)) {
+    GST_ELEMENT_ERROR (demux, STREAM, DEMUX,
+        (_("This file is invalid and cannot be played.")),
+        ("New sample description id is out of bounds (%d >= %d)",
+            stream->stsd_sample_description_id, stream->stsd_entries_length));
+  } else {
+    stream->cur_stsd_entry_index = stream->stsd_sample_description_id;
+    stream->new_caps = TRUE;
+  }
  }
  
  static gboolean
author	Edward Hervey <edward@centricular.com>
	Wed, 12 Apr 2017 09:03:24 +0000 (11:03 +0200)
committer	Edward Hervey <bilboed@bilboed.com>
	Wed, 12 Apr 2017 09:03:24 +0000 (11:03 +0200)