From ce96d6dcd4854701bd6d55143e500a878a2b133d Mon Sep 17 00:00:00 2001
From: Philippe Normand
Date: Sat, 22 Dec 2018 17:55:51 +0100
Subject: [PATCH] qtdemux: Offset correction for track language code parsing

The duration field being a uint64, is stored in 8 bytes, not 4. So the offset of the following field, language code, needs to be updated accordingly so that the parsed language code is not garbage.
---
 gst/isomp4/qtdemux.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/gst/isomp4/qtdemux.c b/gst/isomp4/qtdemux.c
index 24665329b7..2db46d64d8 100644
--- a/gst/isomp4/qtdemux.c
+++ b/gst/isomp4/qtdemux.c
@@ -10295,11 +10295,11 @@ qtdemux_parse_trak (GstQTDemux * qtdemux, GNode * trak)
 version = QT_UINT32 ((guint8 *) mdhd->data + 8);
 GST_LOG_OBJECT (qtdemux, "track version/flags: %08x", version);
 if (version == 0x01000000) {
- if (len < 38)
+ if (len < 42)
 goto corrupt_file;
 stream->timescale = QT_UINT32 ((guint8 *) mdhd->data + 28);
 stream->duration = QT_UINT64 ((guint8 *) mdhd->data + 32);
- lang_code = QT_UINT16 ((guint8 *) mdhd->data + 36);
+ lang_code = QT_UINT16 ((guint8 *) mdhd->data + 40);
 } else {
 if (len < 30)
 goto corrupt_file;
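Review bot: The new bound `len < 42` and the offset `+ 40` in the version-1 branch are still two hand-maintained magic numbers, which is how the earlier 38/36 pair drifted away from the 8-byte duration field; a layout comment above the check would tie them to the field widths, e.g. `/* v1 mdhd: timescale u32 @28, duration u64 @32, language u16 @40 -> 42 bytes needed */`. The guard only prevents an out-of-bounds read if `len` reflects the bytes actually available behind `mdhd->data`; its assignment is outside this hunk, so it is worth confirming that it is not simply the size the file declares for itself. Separately, `version == 0x01000000` appears to compare the version byte and the 24 flag bits together, so a version-1 box with any flag bit set would take the else branch and be parsed with the 32-bit layout; `(version >> 24) == 1` would avoid that. qtdemux_parse_trak begins and ends outside the hunk.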