mirror of
https://github.com/CCExtractor/ccextractor.git
synced 2026-07-08 18:06:30 +00:00
[PR #2057] fix: prevent heap overflow in parse_PAT/parse_PMT and null deref in processmp4 #2868
Reference in New Issue
Block a user
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Original Pull Request: https://github.com/CCExtractor/ccextractor/pull/2057
State: closed
Merged: Yes
Summary
payload_length >= 8before accessing header fields (fixes #2053)ES_info_lengthvalidation and 2-byte minimum check before readingdescriptor_taganddesc_leninPRIVATE_USER_MPEG2and teletext parsing loops (fixes #2054)fileparameter before passing tomprint(fixes #2055)These are security fixes for heap-buffer-overflow and null pointer dereference vulnerabilities reported by @oneafter.
Test plan
Fixes #2053, #2054, #2055
🤖 Generated with Claude Code