diff --git a/mkvparser.cpp b/mkvparser.cpp
index c73bdb4..d469a77 100644
--- a/mkvparser.cpp
+++ b/mkvparser.cpp
@@ -1291,6 +1291,16 @@ long Segment::LoadCluster(
long long& pos,
long& len)
{
+ long long total, avail;
+
+ const int status = m_pReader->Length(&total, &avail);
+
+ if (status < 0) //error
+ return status;
+
+ assert(total >= 0);
+ assert(avail <= total);
+
const long long stop = m_start + m_size;
while (m_pos < stop)
@@ -1299,12 +1309,18 @@ long Segment::LoadCluster(
//Read ID
+ if ((pos + 1) > avail)
+ {
+ len = 1;
+ return E_BUFFER_NOT_FULL;
+ }
+
long long result = GetUIntLength(m_pReader, pos, len);
if (result < 0) //error
return static_cast(result);
- if (result > 0)
+ if (result > 0) //weird
{
len = 1;
return E_BUFFER_NOT_FULL;
@@ -1313,6 +1329,9 @@ long Segment::LoadCluster(
if ((pos + len) > stop)
return E_FILE_FORMAT_INVALID;
+ if ((pos + len) > avail)
+ return E_BUFFER_NOT_FULL;
+
const long long idpos = pos;
const long long id = ReadUInt(m_pReader, idpos, len);
@@ -1323,12 +1342,18 @@ long Segment::LoadCluster(
//Read Size
+ if ((pos + 1) > avail)
+ {
+ len = 1;
+ return E_BUFFER_NOT_FULL;
+ }
+
result = GetUIntLength(m_pReader, pos, len);
if (result < 0) //error
return static_cast(result);
- if (result > 0)
+ if (result > 0) //weird
{
len = 1;
return E_BUFFER_NOT_FULL;
@@ -1337,6 +1362,9 @@ long Segment::LoadCluster(
if ((pos + len) > stop)
return E_FILE_FORMAT_INVALID;
+ if ((pos + len) > avail)
+ return E_BUFFER_NOT_FULL;
+
const long long size = ReadUInt(m_pReader, pos, len);
if (size < 0) //error
@@ -1359,13 +1387,6 @@ long Segment::LoadCluster(
len = static_cast(size);
- long long total, avail;
-
- const int status = m_pReader->Length(&total, &avail);
- assert(status == 0); //TODO
- assert(total >= 0);
- assert(avail <= total);
-
if ((pos + size) > avail)
return E_BUFFER_NOT_FULL;
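Review bot: In the first hunk (@@ -1291) the values filled in by `m_pReader->Length(&total, &avail)` are validated only by `assert(total >= 0)` and `assert(avail <= total)`, which compile away under NDEBUG, so a release build trusts whatever `avail` the reader reports as the bound for every `> avail` comparison added further down. The commit already turns the status check into a real return; the range check deserves the same treatment, for example `if (avail < 0 || (total >= 0 && avail > total)) return E_FILE_FORMAT_INVALID;` (or whichever error code the project reserves for reader faults). If the reader uses a negative `total` to signal an unknown length, which this diff does not show, `assert(total >= 0)` would additionally abort debug builds on that input. The body of LoadCluster continues outside the hunk.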
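Review bot: The `//weird` comment added to `if (result > 0)` in the Read ID hunk (@@ -1299) and again in the Read Size hunk (@@ -1323) does not say what is unexpected about the branch. From the visible lines, the new `(pos + 1) > avail` guard already returns E_BUFFER_NOT_FULL when no byte is available, so a positive result from GetUIntLength at this point presumably means the reader delivered fewer bytes than `Length()` reported; a comment such as `//reader had fewer bytes than Length() reported` would record that for the next maintainer. Both guard sequences are identical, so the wording should match in the two places. The enclosing while loop starts and ends outside these hunks.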