From f6e9c0eed5bd711587a0c20640730b4361cf8a62 Mon Sep 17 00:00:00 2001 From: manh-td Date: Thu, 11 Dec 2025 20:52:05 +0800 Subject: [PATCH] Fix DoS due to lack of eof check --- contrib/sdk/sources/ffmpeg/ffmpeg-2.8/libavformat/cinedec.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/contrib/sdk/sources/ffmpeg/ffmpeg-2.8/libavformat/cinedec.c b/contrib/sdk/sources/ffmpeg/ffmpeg-2.8/libavformat/cinedec.c index 632f46c45..1497842cf 100644 --- a/contrib/sdk/sources/ffmpeg/ffmpeg-2.8/libavformat/cinedec.c +++ b/contrib/sdk/sources/ffmpeg/ffmpeg-2.8/libavformat/cinedec.c @@ -267,8 +267,12 @@ static int cine_read_header(AVFormatContext *avctx) /* parse image offsets */ avio_seek(pb, offImageOffsets, SEEK_SET); - for (i = 0; i < st->duration; i++) + for (i = 0; i < st->duration; i++) { + if (avio_feof(pb)) + return AVERROR_INVALIDDATA; + av_add_index_entry(st, avio_rl64(pb), i, 0, 0, AVINDEX_KEYFRAME); + } return 0; }