* 2008 Benjamin Larsson
* 2011 David Goldwich
*
- * This file is part of Libav.
+ * This file is part of FFmpeg.
*
- * Libav is free software; you can redistribute it and/or
+ * FFmpeg is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
- * Libav is distributed in the hope that it will be useful,
+ * FFmpeg is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
- * License along with Libav; if not, write to the Free Software
+ * License along with FFmpeg; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
return memcmp(&enc_header[pos], oc->sm_val, 8) ? -1 : 0;
}
-static int nprobe(AVFormatContext *s, uint8_t *enc_header, const uint8_t *n_val)
+static int nprobe(AVFormatContext *s, uint8_t *enc_header, int size, const uint8_t *n_val)
{
OMAContext *oc = s->priv_data;
uint32_t pos, taglen, datalen;
taglen = AV_RB32(&enc_header[pos+32]);
datalen = AV_RB32(&enc_header[pos+36]) >> 4;
+ if(taglen + (((uint64_t)datalen)<<4) + 44 > size)
+ return -1;
+
pos += 44 + taglen;
av_des_init(&av_des, n_val, 192, 1);
av_log(s, AV_LOG_ERROR, "Invalid encryption header\n");
return -1;
}
+ if (oc->k_size + oc->e_size + oc->i_size > geob->datasize) {
+ av_log(s, AV_LOG_ERROR, "Too little GEOB data\n");
+ return AVERROR_INVALIDDATA;
+ }
oc->rid = AV_RB32(&gdata[OMA_ENC_HEADER_SIZE + 28]);
av_log(s, AV_LOG_DEBUG, "RID: %.8x\n", oc->rid);
}
if (!memcmp(oc->r_val, (const uint8_t[8]){0}, 8) ||
rprobe(s, gdata, oc->r_val) < 0 &&
- nprobe(s, gdata, oc->n_val) < 0) {
+ nprobe(s, gdata, geob->datasize, oc->n_val) < 0) {
int i;
- for (i = 0; i < sizeof(leaf_table); i += 2) {
+ for (i = 0; i < FF_ARRAY_ELEMS(leaf_table); i += 2) {
uint8_t buf[16];
AV_WL64(buf, leaf_table[i]);
AV_WL64(&buf[8], leaf_table[i+1]);
kset(s, buf, buf, 16);
- if (!rprobe(s, gdata, oc->r_val) || !nprobe(s, gdata, oc->n_val))
+ if (!rprobe(s, gdata, oc->r_val) || !nprobe(s, gdata, geob->datasize, oc->n_val))
break;
}
- if (i >= sizeof(leaf_table)) {
+ if (i >= FF_ARRAY_ELEMS(leaf_table)) {
av_log(s, AV_LOG_ERROR, "Invalid key\n");
return -1;
}
ID3v2ExtraMeta *extra_meta = NULL;
OMAContext *oc = s->priv_data;
- ff_id3v2_read_all(s, ID3v2_EA3_MAGIC, &extra_meta);
+ ff_id3v2_read(s, ID3v2_EA3_MAGIC, &extra_meta);
ret = avio_read(s->pb, buf, EA3_HEADER_SIZE);
if (ret < EA3_HEADER_SIZE)
return -1;
if (oc->encrypted) {
/* previous unencrypted block saved in IV for the next packet (CBC mode) */
- av_des_crypt(&oc->av_des, pkt->data, pkt->data, (packet_size >> 3), oc->iv, 1);
+ av_des_crypt(&oc->av_des, pkt->data, pkt->data, (ret >> 3), oc->iv, 1);
}
return ret;
{
OMAContext *oc = s->priv_data;
- pcm_read_seek(s, stream_index, timestamp, flags);
+ ff_pcm_read_seek(s, stream_index, timestamp, flags);
if (oc->encrypted) {
/* readjust IV for CBC */
.extensions = "oma,omg,aa3",
.codec_tag = (const AVCodecTag* const []){ff_oma_codec_tags, 0},
};
-
projects / ffmpeg / blobdiff