-
Previously, the user input for stsd entries is trusted completely, and so a maliciously crafted file could choose the length of the stsd entries arbitrarily and cause qtdemux to try to allocate up to 2GB of memory (half of a 32 bit max int). This patch fixes this by sanity checking the stsd input against the size of the entire stsd atom. Part-of: <!670>
738f32d5