Add boundary checks for Ap4StsdAtom

Same problem as before, underflow of bytes_available results in some potential attack
axiomatic-systems · Apr 2, 2024 · 26df396 · 26df396
1 parent b977973
commit 26df396
Showing 1 changed file with 1 addition and 0 deletions.
diff --git a/Source/C++/Core/Ap4StsdAtom.cpp b/Source/C++/Core/Ap4StsdAtom.cpp
@@ -87,6 +87,7 @@ AP4_StsdAtom::AP4_StsdAtom(AP4_UI32         size,
                            AP4_AtomFactory& atom_factory) :
     AP4_ContainerAtom(AP4_ATOM_TYPE_STSD, size, false, version, flags)
 {
+    if (size < AP4_FULL_ATOM_HEADER_SIZE + 4) return;
     // read the number of entries
     AP4_UI32 entry_count;
     stream.ReadUI32(entry_count);