On Wed, Dec 28, 2016 at 1:15 PM, Anton Khirnov wrote:
> The code does some nontrivial jumping around in the buffer, so it is
> safer to use a checked API rather than do everything manually.
>
> Fixes a bug in nalff parsing, where the length field is currently not
> counted in the buffer size check
The code does some nontrivial jumping around in the buffer, so it is
safer to use a checked API rather than do everything manually.
Fixes a bug in nalff parsing, where the length field is currently not
counted in the buffer size check, resulting in possible overreads with
invalid files.
CC: libav
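
A minimal sketch of the idea in the commit message above, added here as an illustration and not taken from the libav patch: a small checked reader splits length-prefixed units and consumes the length field before the payload size is tested. The `Reader` type, every function name, and the sample buffers are constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical checked reader (not a libav API): all access is bounds-tested. */
typedef struct { const uint8_t *cur, *end; } Reader;

static size_t reader_left(const Reader *r) { return (size_t)(r->end - r->cur); }

/* Read an n-byte big-endian integer; fail if fewer than n bytes remain. */
static int reader_get_be(Reader *r, int n, uint32_t *out)
{
    uint32_t v = 0;
    if (reader_left(r) < (size_t)n)
        return -1;
    while (n--)
        v = (v << 8) | *r->cur++;
    *out = v;
    return 0;
}

/* Skip n bytes; fail instead of moving past the end of the buffer. */
static int reader_skip(Reader *r, size_t n)
{
    if (reader_left(r) < n)
        return -1;
    r->cur += n;
    return 0;
}

/* Count length-prefixed units in buf; returns -1 on invalid input. The length
 * field is consumed first, so the payload is checked against what is left. */
int count_units(const uint8_t *buf, size_t size, int len_size)
{
    Reader r = { buf, buf + size };
    int count = 0;
    if (len_size < 1 || len_size > 4)
        return -1;
    while (reader_left(&r) > 0) {
        uint32_t len;
        if (reader_get_be(&r, len_size, &len) < 0 || reader_skip(&r, len) < 0)
            return -1;
        count++;
    }
    return count;
}

/* Constructed samples: two valid units; then a length of 4 with only 2 payload
 * bytes (4 <= 6 total bytes, yet reading the payload would overread by 2). */
static const uint8_t sample_ok[]  = { 0, 0, 0, 2, 0x65, 0x88, 0, 0, 0, 1, 0x41 };
static const uint8_t sample_bad[] = { 0, 0, 0, 4, 0x65, 0x88 };
```

`sample_bad` is the case a whole-buffer comparison lets through: the declared length fits in the total size but not in the bytes that follow the length field.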