search

rbouqueau / gpac

GPAC mirror from the SourceForge Subversion
GNU Lesser General Public License v2.1
0 stars 1 forks source link

[Bug] Buffer overrun in ismacryp.c [sf#314] #314

Closed rbouqueau closed 10 years ago

rbouqueau commented 10 years ago

Reported by olegloa on 2014-06-18 09:03 UTC MP4Box crashes with Segmentation fault when decrypting DRM file with H.265 while decrypt sample large than 4K (full sample encryption).

Buffer overrun in ismacryp.c (1418) while reading sample into memory.

This change helped for me:

Index: media_tools/ismacryp.c
===================================================================
--- media_tools/ismacryp.c      (revision 5277)
+++ media_tools/ismacryp.c      (working copy)
@@ -1415,6 +1415,10 @@
                }
                //full sample encryption
                else {
+                       if (samp->dataLength > max_size) {
+                               while (samp->dataLength > max_size) max_size *= 2;
+                               buffer = (char*)gf_realloc(buffer, max_size);
+                       }
                        gf_bs_read_data(cyphertext_bs, buffer,samp->dataLength);
                        gf_crypt_decrypt(mc, buffer, samp->dataLength);
                        gf_bs_write_data(pleintext_bs, buffer, samp->dataLength);
rbouqueau commented 10 years ago

Updated by cconcolato on 2014-07-16 11:18 UTC

rbouqueau commented 10 years ago

Commented by cconcolato on 2014-07-16 11:18 UTC Closing bug as patch is applied.