1. ffmpeg
  2. Commit 3038e2041e87ffd3d249ce0c8109f19207ca0017
Browse code

ffserver: prevent nb_streams from becoming too large

Fixes CID732249

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 0f46825d9833b70cec671d825b0065850c485196)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>

Michael Niedermayer authored on 2012/10/13 07:30:42
Showing 1 changed files
ffserver.c
History View file @ 3038e20
... ... 
@@ -3457,6 +3457,9 @@ static AVStream *add_av_stream1(FFStream *stream, AVCodecContext *codec, int cop
3457 3457 
 {
3458 3458 
     AVStream *fst;
3459 3459
3460 
+    if(stream->nb_streams >= FF_ARRAY_ELEMS(stream->streams))
3461 
+        return NULL;
3462 
+
3460 3463 
     fst = av_mallocz(sizeof(AVStream));
3461 3464 
     if (!fst)
3462 3465 
         return NULL;
... ... 
@@ -3802,6 +3805,9 @@ static void add_codec(FFStream *stream, AVCodecContext *av)
3802 3802 
 {
3803 3803 
     AVStream *st;
3804 3804
3805 
+    if(stream->nb_streams >= FF_ARRAY_ELEMS(stream->streams))
3806 
+        return NULL;
3807 
+
3805 3808 
     /* compute default parameters */
3806 3809 
     switch(av->codec_type) {
3807 3810 
     case AVMEDIA_TYPE_AUDIO: