CVE-2022-43037 An issue was discovered in Bento4 1.6.0-639
The issue was resolved by better handling of parsing errors. A new function was added called AP4_File::ParseStream_failure_handler. When parsing of a special stream fails, the function will now be called instead of AP4_File::ParseStream. The function can now be used to log parsing failures.
Issue #1040 was discovered in Bento4 1.6.0-639. There is a problem with the way the AP4_File::GetHeader function is called. The function will not work as expected if the file contains more than 4000 bytes.
To resolve the issue, a new limit of 4000 bytes was added to AP4_File::GetHeader.
Issue #1041 was discovered in Bento4 1.6.0-639. There is a problem with the way AP4_File::ReadData function is called. If the file contains more than 4000 bytes, the function will not work as expected.
To resolve the issue, a new limit of 4000 bytes was added to AP4_File::ReadData.
Issue #1042 was discovered in Bento4 1.6.0-639. There is a problem with the way AP4_File::ReadData function is called. If the file contains more than 4000 bytes, the function will not work as expected.
To resolve the issue, a new limit of 4000 bytes was added to AP
Breaking Changes in Bento4 1.6.0-639
Issue #1040 was discovered in Bento4 1.6.0-639 and will be resolved with better handling of parsing errors. A new function was added called AP4_File::ParseStream_failure_handler. When parsing of a special stream fails, the function will now be called instead of AP4_File::ParseStream. The function can now be used to log parsing failures.
Issue #1041 was discovered in Bento4 1.6.0-639 and will be resolved by changing the way AP4_File::ReadData is called when the file contains more than 4000 bytes. It will now use AP4_File::ParseStream instead if the file has more than 4000 bytes and call AP4_File::GetHeader if it doesn't have that much data yet.
Version Information
Bento4 1.6.0-639
Fixes bugs in handling of parsing errors and reading more than 4000 bytes from a file.
Timeline
Published on: 10/19/2022 14:15:00 UTC
Last modified on: 10/21/2022 14:20:00 UTC