This is an automated email from the git hooks/post-receive script. Git pushed a commit to branch master in repository ffmpeg.
commit 1fd718c6a9764d591e3d0b8d01511ce0d91a7f58 Author: Michael Niedermayer <[email protected]> AuthorDate: Mon Jan 26 02:43:25 2026 +0100 Commit: michaelni <[email protected]> CommitDate: Wed Feb 4 00:04:41 2026 +0000 avformat/mpegts: Check program_info_length Fixes: overread No testcase Found-by: Marton Balint Signed-off-by: Michael Niedermayer <[email protected]> --- libavformat/mpegts.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/libavformat/mpegts.c b/libavformat/mpegts.c index dc8a0bd0a8..a9094ab55b 100644 --- a/libavformat/mpegts.c +++ b/libavformat/mpegts.c @@ -2509,7 +2509,8 @@ static void pmt_cb(MpegTSFilter *filter, const uint8_t *section, int section_len av_log(ts->stream, AV_LOG_TRACE, "pcr_pid=0x%x\n", pcr_pid); program_info_length = get16(&p, p_end); - if (program_info_length < 0) + + if (program_info_length < 0 || (program_info_length & 0xFFF) > p_end - p) return; program_info_length &= 0xfff; while (program_info_length >= 2) { _______________________________________________ ffmpeg-cvslog mailing list -- [email protected] To unsubscribe send an email to [email protected]
