Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit fd00237c authored by Riaz Ur Rahaman's avatar Riaz Ur Rahaman Committed by Steve Kondik
Browse files

libstagefright: Add check for zero chunk size. 

mp4 file with chunksize of zero causes a infinite recursive call
of parsechunk of the parser resulting in ANR. Added check to handle
this case.

Change-Id: I468ef3371b4efb92d34fe38bbc99883641b4a7f5
Crs-Fixed:254974
parent ad23bf6b

media/libstagefright/MPEG4Extractor.cpp

+3 −0
Original line number Diff line number Diff line
@@ -425,6 +425,9 @@ status_t MPEG4Extractor::parseChunk(off_t *offset, int depth) { 
    uint32_t chunk_type = ntohl(hdr[1]);

    off_t data_offset = *offset + 8;



    if(chunk_size == 0)

       return ERROR_MALFORMED;



    if (chunk_size == 1) {

        if (mDataSource->readAt(*offset + 8, &chunk_size, 8) < 8) {

            return ERROR_IO;