mirror of
https://github.com/alfg/mp4-rust.git
synced 2024-05-20 01:08:06 +00:00
7cfdffbd71
* Fix several overflows in box and track processing * Use size_of::<Type>() instead of magic numbers * Fix a panic in Mp4Track::read_sample() for one-past-the-end This appears to be a bug unmasked by other changes. read_sample() calls sample_offset() then sample_size(), and assumes that if the former returns Ok then the latter does as well. However, if the sample_id is one past the end, sample_offset() might succeed (it only checks samples _up to_ the given sample_id but not _including_ it) while sample_size() fails (because the sample doesn't exist). read_sample() will then panic. Fix this by duplicating the error propagation (that is currently done for sample_offset) for sample_size, instead of unwrapping. This is a cautious change that fixes the bug; alternatively, having sample_offset() call sample_size() on the given sample_id and propagate any error might also work. * Account for header size in box processing overflow fixes * Ensure that boxes aren't bigger than their containers Together with the entry_count checks, this eliminates several OOMs when reading incorrect mp4 files. * Fix order of arithmetic operations This was due to an incorrect transcription when switching to checked arithmetic, and fixes a bug that could cause attempted lookups of the wrong chunk_id. |
||
---|---|---|
.. | ||
mp4box | ||
error.rs | ||
lib.rs | ||
reader.rs | ||
track.rs | ||
types.rs | ||
writer.rs |