avoid buffer overrun when populating track_hdlr_name

wez · wez · commit abbce70ecf54 · 2021-07-09T05:46:57.000-07:00
speculative fix for #30
diff --git a/src/AtomicParsley.h b/src/AtomicParsley.h
@@ -122,6 +122,7 @@
 #endif
 
 #include "util.h"
+#include <algorithm>
 
 #define MAX_ATOMS 2048
 #define MAXDATA_PAYLOAD 1256
diff --git a/src/extracts.cpp b/src/extracts.cpp
@@ -1282,11 +1282,12 @@ void APar_ExtractTrackDetails(char *uint32_buffer,
     track_info->type_of_track = VIDEO_TRACK;
   }
   if (parsedAtoms[track->track_atom].AtomicLength > 34) {
-    memset(track_info->track_hdlr_name, 0, 100);
+    memset(track_info->track_hdlr_name, 0, sizeof(track_info->track_hdlr_name));
     APar_readX(track_info->track_hdlr_name,
                isofile,
                parsedAtoms[track->track_atom].AtomicStart + 32,
-               parsedAtoms[track->track_atom].AtomicLength - 32);
+               std::min(sizeof(track_info->track_hdlr_name),
+                        parsedAtoms[track->track_atom].AtomicLength - 32));
   }
 
   // codec section

Original file line number	Diff line number	Diff line change
`@@ -1282,11 +1282,12 @@ void APar_ExtractTrackDetails(char *uint32_buffer,`
`1282`	`1282`	`track_info->type_of_track = VIDEO_TRACK;`
`1283`	`1283`	`}`
`1284`	`1284`	`if (parsedAtoms[track->track_atom].AtomicLength > 34) {`
`1285`		`- memset(track_info->track_hdlr_name, 0, 100);`
	`1285`	`+ memset(track_info->track_hdlr_name, 0, sizeof(track_info->track_hdlr_name));`
`1286`	`1286`	`APar_readX(track_info->track_hdlr_name,`
`1287`	`1287`	`isofile,`
`1288`	`1288`	`parsedAtoms[track->track_atom].AtomicStart + 32,`
`1289`		`- parsedAtoms[track->track_atom].AtomicLength - 32);`
	`1289`	`+ std::min(sizeof(track_info->track_hdlr_name),`
	`1290`	`+ parsedAtoms[track->track_atom].AtomicLength - 32));`
`1290`	`1291`	`}`
`1291`	`1292`
`1292`	`1293`	`// codec section`