[FFmpeg-cvslog] mov: validate sample_rate
Andreas Cadhalpun
git at videolan.org
Mon Nov 7 01:54:00 EET 2016
ffmpeg | branch: master | Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com> | Sun Oct 23 16:23:55 2016 +0200| [fc022e77eed66ccfd7ac1788ba23f790c6769dee] | committer: Andreas Cadhalpun
mov: validate sample_rate
A negative sample rate doesn't make sense and triggers assertions in
av_rescale_rnd.
fate-aac-al07_96 fails if sample_rate == 0 is rejected in
ff_mov_read_stsd_entries.
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=fc022e77eed66ccfd7ac1788ba23f790c6769dee
---
libavformat/mov.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/libavformat/mov.c b/libavformat/mov.c
index 9179b58..b6c8c29 100644
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -888,6 +888,10 @@ static int mov_read_ddts(MOVContext *c, AVIOContext *pb, MOVAtom atom)
st = c->fc->streams[c->fc->nb_streams-1];
st->codecpar->sample_rate = get_bits_long(&gb, 32);
+ if (st->codecpar->sample_rate <= 0) {
+ av_log(c->fc, AV_LOG_ERROR, "Invalid sample rate %d\n", st->codecpar->sample_rate);
+ return AVERROR_INVALIDDATA;
+ }
skip_bits_long(&gb, 32); /* max bitrate */
st->codecpar->bit_rate = get_bits_long(&gb, 32);
st->codecpar->bits_per_coded_sample = get_bits(&gb, 8);
@@ -2273,6 +2277,10 @@ int ff_mov_read_stsd_entries(MOVContext *c, AVIOContext *pb, int entries)
} else if (st->codecpar->codec_type==AVMEDIA_TYPE_AUDIO) {
st->codecpar->codec_id = id;
mov_parse_stsd_audio(c, pb, st, sc);
+ if (st->codecpar->sample_rate < 0) {
+ av_log(c->fc, AV_LOG_ERROR, "Invalid sample rate %d\n", st->codecpar->sample_rate);
+ return AVERROR_INVALIDDATA;
+ }
} else if (st->codecpar->codec_type==AVMEDIA_TYPE_SUBTITLE){
st->codecpar->codec_id = id;
mov_parse_stsd_subtitle(c, pb, st, sc,
More information about the ffmpeg-cvslog
mailing list