demux: mp4: fix heap overflow reading esds

author Francois Cartegnie <fcvlcdev@free.fr>

Sat, 27 Sep 2014 16:29:13 +0000 (18:29 +0200)

committer Francois Cartegnie <fcvlcdev@free.fr>

Sat, 27 Sep 2014 16:29:13 +0000 (18:29 +0200)
author Francois Cartegnie <fcvlcdev@free.fr>
Sat, 27 Sep 2014 16:29:13 +0000 (18:29 +0200)
committer Francois Cartegnie <fcvlcdev@free.fr>
Sat, 27 Sep 2014 16:29:13 +0000 (18:29 +0200)
diff --git a/modules/demux/mp4/libmp4.c b/modules/demux/mp4/libmp4.c

index 12637238fe4d03e8e5d36476f24d3386b6a9c237..63d7db4c0d1eaad8620740dc554cd277ed104e3f 100644 (file)
--- a/modules/demux/mp4/libmp4.c
+++ b/modules/demux/mp4/libmp4.c
@@ -1237,6 +1237,7 @@ static int MP4_ReadBox_esds( stream_t *p_stream, MP4_Box_t *p_box )
              unsigned int i_len;
  
              MP4_GET1BYTE( i_len );
+            i_len = __MIN(i_read, i_len);
              es_descriptor.psz_URL = malloc( i_len + 1 );
              if( es_descriptor.psz_URL )
              {
author	Francois Cartegnie <fcvlcdev@free.fr>
	Sat, 27 Sep 2014 16:29:13 +0000 (18:29 +0200)
committer	Francois Cartegnie <fcvlcdev@free.fr>
	Sat, 27 Sep 2014 16:29:13 +0000 (18:29 +0200)