matroskadec: Fix buffer overread in matroska_ebmlnum_uint

Based on a Chromium patch Originally committed as revision 23168 to svn://svn.ffmpeg.org/ffmpeg/trunk
2024-12-20 02:28:17 +00:00 · 2010-05-18 21:21:32 +00:00 · 2010-05-18 21:21:32 +00:00 · 465c28b6b4
commit 465c28b6b4
parent d98bd80ed3
1 changed files with 1 additions and 1 deletions
--- a/libavformat/matroskadec.c
+++ b/libavformat/matroskadec.c
@ -679,7 +679,7 @@ static int matroska_ebmlnum_uint(MatroskaDemuxContext *matroska,
 {
    ByteIOContext pb;
    init_put_byte(&pb, data, size, 0, NULL, NULL, NULL, NULL);
-    return ebml_read_num(matroska, &pb, 8, num);
+    return ebml_read_num(matroska, &pb, FFMIN(size, 8), num);
 }

 /*