This is an automated email from the git hooks/post-receive script. Git pushed a commit to branch release/6.1 in repository ffmpeg.
commit 4d4efd7dcf3bc1be643d39c40b9a1e5893de93a2 Author: Ted Meyer <[email protected]> AuthorDate: Tue Feb 3 16:31:50 2026 -0800 Commit: Michael Niedermayer <[email protected]> CommitDate: Mon May 4 17:13:17 2026 +0200 Fix overflow in STSD parser Reset `sc->stsd_count` before parsing entries. This number doesn't get reset, which means that multiple parse passes can increment it past the `sc->extradata` array end and cause OOB writes. (cherry picked from commit a58cb16e27bc0c32906cfb3de36e4a495c0a8602) Signed-off-by: Michael Niedermayer <[email protected]> --- libavformat/mov.c | 1 + 1 file changed, 1 insertion(+) diff --git a/libavformat/mov.c b/libavformat/mov.c index 7a7545c9b5..bad496c887 100644 --- a/libavformat/mov.c +++ b/libavformat/mov.c @@ -2874,6 +2874,7 @@ fail: av_freep(&sc->extradata[j]); } + sc->stsd_count = 0; av_freep(&sc->extradata); av_freep(&sc->extradata_size); return ret; _______________________________________________ ffmpeg-cvslog mailing list -- [email protected] To unsubscribe send an email to [email protected]
