fix potential Denial of Service via specially crafted payloads

netroy · netroy · commit 640a67d9e821 · 2025-04-02T16:28:35.000+02:00
diff --git a/lib/types/utils.ts b/lib/types/utils.ts
@@ -79,6 +79,8 @@ export function findBox(input: Uint8Array, boxName: string, offset: number) {
     const box = readBox(input, offset)
     if (!box) break
     if (box.name === boxName) return box
-    offset += box.size
+    // Fix the infinite loop by ensuring offset always increases
+    // If box.size is 0, advance by at least 8 bytes (the size of the box header)
+    offset += box.size > 0 ? box.size : 8
   }
 }

Original file line number	Diff line number	Diff line change
`@@ -79,6 +79,8 @@ export function findBox(input: Uint8Array, boxName: string, offset: number) {`
`79`	`79`	`const box = readBox(input, offset)`
`80`	`80`	`if (!box) break`
`81`	`81`	`if (box.name === boxName) return box`
`82`		`- offset += box.size`
	`82`	`+ // Fix the infinite loop by ensuring offset always increases`
	`83`	`+ // If box.size is 0, advance by at least 8 bytes (the size of the box header)`
	`84`	`+ offset += box.size > 0 ? box.size : 8`
`83`	`85`	`}`
`84`	`86`	`}`