[FFmpeg-trac] #4357(avcodec:new): Potential DoS in mpeg4video parser

[FFmpeg]

#4357: Potential DoS in mpeg4video parser
------------------------------------+--------------------------------------
             Reporter:  jmaggard10  |                     Type:  defect
               Status:  new         |                 Priority:  normal
            Component:  avcodec     |                  Version:  git-master
             Keywords:              |               Blocked By:
             Blocking:              |  Reproduced by developer:  0
Analyzed by developer:  0           |
------------------------------------+--------------------------------------
 Large zero-filled files can cause libavcodec to allocate very large
 quantities of RAM.

 I ran across this when forked-daapd was scanning a directory that
 contained large pre-allocated files, but did not yet have any actual data
 in those files.

 Reproduction is easy.

 # truncate -s8G badfile.m4v
 # ffprobe badfile.m4v

--
Ticket URL: <https://trac.ffmpeg.org/ticket/4357>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker