[PR #1996] [MERGED] fix prevent MP4 & PS demuxer panics due to out-of-bounds/underflow #2794

Open
opened 2026-01-29 17:23:56 +00:00 by claunia · 0 comments
Owner

📋 Pull Request Information

Original PR: https://github.com/CCExtractor/ccextractor/pull/1996
Author: @THE-Amrit-mahto-05
Created: 1/7/2026
Status: Merged
Merged: 1/10/2026
Merged by: @cfsmp3

Base: master ← Head: fix/demuxer-panics


📝 Commits (1)

  • ca2b708 fix: prevent MP4 & PS demuxer panics due to out-of-bounds/underflow (#1995)

📊 Changes

1 file changed (+5 additions, -2 deletions)

📝 src/rust/src/demuxer/stream_functions.rs (+5 -2)

📄 Description

…#1995)

In raising this pull request, I confirm the following (please check boxes):

  • [x] I have read and understood the contributors guide.
  • [x] I have checked that another pull request for this purpose does not exist.
  • [x] I have considered, and confirmed that this submission will be valuable to others.
  • [x] I accept that this submission may not be used, and the pull request closed at the will of the maintainer.
  • [x] I give this submission freely, and claim no ownership to its content.
  • [x] I have mentioned this change in the changelog.

My familiarity with the project is as follows (check one):

  • [ ] I have never used CCExtractor.
  • [ ] I have used CCExtractor just a couple of times.
  • [ ] I absolutely love CCExtractor, but have not contributed previously.
  • [x] I am an active contributor to CCExtractor.

Description

Fixes critical panics in CCExtractor’s demuxer when handling certain malformed or very small media files.

Issues Addressed

  1. PS probing underflow:
    • Very small input buffers (<3 bytes) caused the subtraction ctx.startbytes_avail - 3 to underflow.
    • Fixed using saturating_sub(3) to safely handle tiny buffers.
  2. MP4 box validation out-of-bounds:
    • Validation of "moov" boxes assumed at least 15 bytes beyond position.
    • Small or corrupted MP4 files could trigger out-of-bounds panics on buffer[position + 12..14].
    • Fixed by ensuring position + 15 < buffer.len() before accessing the buffer.

Steps to Reproduce

```bash
# PS underflow
echo -n "00" > tiny.ps
./ccextractor tiny.ps

# MP4 out-of-bounds
echo -n "" > empty.mp4
./ccextractor empty.mp4
```

Changes Made

  • Used saturating_sub in PS demuxer logic to prevent underflow.
  • Added buffer length check before accessing MP4 "moov" box.

Verification

  • Tested with small PS and empty MP4 files — no crashes observed.
  • Verified normal operation on typical media files remains unaffected.

Fixes #1995


🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.
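
The two guards described in this PR, as an added Rust example that is not the code from the pull request or from CCExtractor. The function names, the pack-start-code scan, and the assumption that `position` is the start of a box (4-byte size, then 4-byte type) are hypothetical; the inputs are constructed.

```rust
// Added illustration: names, box layout and scan logic are assumptions,
// not CCExtractor's stream_functions.rs.

const PACK_START: [u8; 4] = [0x00, 0x00, 0x01, 0xBA];

/// What `avail - 3` yields when overflow checks are off (release default);
/// with checks on (debug default) the same subtraction panics instead.
fn bound_without_fix(avail: usize) -> usize {
    avail.wrapping_sub(3)
}

/// Count MPEG-PS pack start codes in the first `avail` bytes.
/// `saturating_sub(3)` makes the range empty for buffers shorter than 4 bytes.
fn count_pack_headers(buf: &[u8], avail: usize) -> usize {
    let avail = avail.min(buf.len()); // never trust a length beyond the slice
    (0..avail.saturating_sub(3))
        .filter(|&i| buf[i..i + 4] == PACK_START)
        .count()
}

/// Return bytes 12..14 past `position` only when the guard from the PR
/// (`position + 15 < buffer.len()`) holds and the box type is "moov".
fn moov_child_prefix(buffer: &[u8], position: usize) -> Option<&[u8]> {
    let last = position.checked_add(15)?; // a huge position must not wrap
    if last >= buffer.len() {
        return None; // truncated or empty file: reject instead of indexing
    }
    if &buffer[position + 4..position + 8] != b"moov" {
        return None;
    }
    Some(&buffer[position + 12..position + 14])
}

fn main() {
    // Constructed inputs mirroring the reproduction files above.
    let tiny_ps = b"00";
    let empty_mp4: &[u8] = &[];
    let good_mp4 = b"\x00\x00\x00\x10moov\x00\x00\x00\x08mvhd";
    println!("unfixed bound for 2 bytes: {}", bound_without_fix(tiny_ps.len()));
    println!("pack headers in tiny.ps:   {}", count_pack_headers(tiny_ps, tiny_ps.len()));
    println!("moov in empty.mp4:         {:?}", moov_child_prefix(empty_mp4, 0));
    println!("moov in 16-byte sample:    {:?}", moov_child_prefix(good_mp4, 0));
}
```
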

claunia added the pull-request label 2026-01-29 17:23:56 +00:00
Reference: starred/ccextractor#2794