From af4cc2605c7a56ecfd84c264aa2b325020418472 Mon Sep 17 00:00:00 2001
From: Luca Barbato Date: Wed, 1 May 2013 19:01:11 +0200 Subject: [PATCH 1/2] id3v2: check for end of file while unescaping tags Prevent a serious out of buffer bound write. Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC:libav-stable@libav.org
---
 libavformat/id3v2.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/libavformat/id3v2.c b/libavformat/id3v2.c
index 0563e6bf85..e5f7486e1d 100644
--- a/libavformat/id3v2.c
+++ b/libavformat/id3v2.c
@@ -644,9 +644,10 @@ static void id3v2_parse(AVFormatContext *s, int len, uint8_t version,
 goto seek;
 }
 b = buffer;
- while (avio_tell(s->pb) < end) {
+ while (avio_tell(s->pb) < end && !s->pb->eof_reached) {
 *b++ = avio_r8(s->pb);
- if (*(b - 1) == 0xff && avio_tell(s->pb) < end - 1) {
+ if (*(b - 1) == 0xff && avio_tell(s->pb) < end - 1 &&
+ !s->pb->eof_reached ) {
 uint8_t val = avio_r8(s->pb);
 *b++ = val ? val : avio_r8(s->pb);
 }
From 769d921f3e4d3808320238f4f33b47cd492f1c04 Mon Sep 17 00:00:00 2001
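Review bot: The stores through `b` in this loop are still bounded only indirectly, by the stream position and now the EOF flag, and never by the capacity of `buffer` itself, which is allocated outside the hunk. The new `eof_reached` tests cover the truncated-file case (as far as I know avio_r8() returns 0 at end of file without advancing avio_tell(), so the position test alone could not end the loop), but an explicit guard before each of the two stores, `if (b - buffer >= BUFFER_CAPACITY) break;` with `BUFFER_CAPACITY` standing as a placeholder for the size the buffer was allocated with, would keep the copy safe however position and byte count come to diverge. The second read in `val ? val : avio_r8(s->pb)` is not preceded by an EOF test, so a truncated tag appears to be stored with a padding zero byte and then handled as if complete; a warning log on early exit would make that visible. A short comment such as `/* stop at EOF: reads past the end return 0 and do not advance the position */` would record why the flag is tested. id3v2_parse starts and ends outside the hunk.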
From: =?UTF-8?q?Martin=20Storsj=C3=B6?= Date: Thu, 2 May 2013 11:01:43 +0300 Subject: [PATCH 2/2] compat: msvc: Make sure the object files are included when linking statically MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit If building libav with -MD in the cflags (for making the MSVC compiler generate code for using a dynamically linked libc), the system headers that declare strtod, snprintf and vsnprintf declare the functions as imported from a DLL. To hook up wrappers of our own for these functions, the function names are defined to avpriv_*, so that the calling code within libav calls the wrappers instead. Since these functions are declared to be imported from DLLs, the calling code expects to load them from DLL import function pointers (creating references to _imp__avpriv_strtod instead of directly to avpriv_strtod). If the libav libraries are not built as DLLs, no such function pointers (as the calling code expects) are created. The linker can fix this up automatically in some cases (producing warnings LNK4217 and LNK4049), if the object files are already included. By telling the linker to try to include those symbols (without the _imp prefix as the calling code ends up using), we get the object files included, so that the linker can do the automatic fixup. This is done via config.h, so that all (or at least most) of the object files in our libraries force including the compat files, to make sure they are included regardless of what files from our static libraries actually are included. Signed-off-by: Martin Storsjö
---
 configure | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/configure b/configure
index fd47e53af0..269c70887d 100755
--- a/configure
+++ b/configure
@@ -4082,6 +4082,11 @@ if enabled yasm; then printf '' >$TMPASM fi +if enabled msvc && ! enabled shared; then + echo '#pragma comment(linker, "/include:"EXTERN_PREFIX"avpriv_strtod")' >> $TMPH + echo '#pragma comment(linker, "/include:"EXTERN_PREFIX"avpriv_snprintf")' >> $TMPH +fi + print_config ARCH_ "$config_files" $ARCH_LIST print_config HAVE_ "$config_files" $HAVE_LIST print_config CONFIG_ "$config_files" $CONFIG_LIST \
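Review bot: The added block emits `/include:` pragmas for `avpriv_strtod` and `avpriv_snprintf` only, while the description also names vsnprintf; if the vsnprintf wrapper is not defined in the same object file as `avpriv_snprintf` (not visible here), it would still be left out of static links. A comment above the `if` would record the intent for later readers of configure, for example `# static MSVC builds: force the linker to pull in the compat wrapper objects (see LNK4217/LNK4049)`.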