From d92f313d4b44caea1ff403ddf74878f4c79657e0 Mon Sep 17 00:00:00 2001 From: Kevin Backhouse Date: Wed, 3 Jul 2024 23:45:38 +0100 Subject: [PATCH] Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68210 Use readOrThrow() to detect premature EOF. --- src/asfvideo.cpp | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/asfvideo.cpp b/src/asfvideo.cpp index f52d39eb6a..6d0abcb00c 100644 --- a/src/asfvideo.cpp +++ b/src/asfvideo.cpp @@ -235,7 +235,7 @@ void AsfVideo::readMetadata() { AsfVideo::HeaderReader::HeaderReader(const BasicIo::UniquePtr& io) : IdBuf_(GUID) { if (io->size() >= io->tell() + GUID + QWORD) { - IdBuf_ = io->read(GUID); + IdBuf_ = io->readOrThrow(GUID, Exiv2::ErrorCode::kerCorruptedMetadata); size_ = readQWORDTag(io); if (size_ >= GUID + QWORD) @@ -291,7 +291,7 @@ void AsfVideo::decodeBlock() { void AsfVideo::decodeHeader() { DataBuf nbHeadersBuf(DWORD + 1); - io_->read(nbHeadersBuf.data(), DWORD); + io_->readOrThrow(nbHeadersBuf.data(), DWORD, Exiv2::ErrorCode::kerCorruptedMetadata); uint32_t nb_headers = Exiv2::getULong(nbHeadersBuf.data(), littleEndian); Internal::enforce(nb_headers < std::numeric_limits::max(), Exiv2::ErrorCode::kerCorruptedMetadata); @@ -353,7 +353,7 @@ void AsfVideo::DegradableJPEGMedia() { } void AsfVideo::streamProperties() { - DataBuf streamTypedBuf = io_->read(GUID); + DataBuf streamTypedBuf = io_->readOrThrow(GUID, Exiv2::ErrorCode::kerCorruptedMetadata); enum class streamTypeInfo { Audio = 1, Video = 2 }; auto stream = static_cast(0); @@ -471,7 +471,7 @@ void AsfVideo::contentDescription() { } // AsfVideo::extendedContentDescription void AsfVideo::fileProperties() { - DataBuf FileIddBuf = io_->read(GUID); + DataBuf FileIddBuf = io_->readOrThrow(GUID, Exiv2::ErrorCode::kerCorruptedMetadata); xmpData()["Xmp.video.FileID"] = GUIDTag(FileIddBuf.data()).to_string(); xmpData()["Xmp.video.FileLength"] = readQWORDTag(io_); xmpData()["Xmp.video.CreationDate"] = readQWORDTag(io_);