[FFmpeg-devel] [PATCH 1/3] 4xm: prevent overflow during bit rate calculation
Ronald S. Bultje
rsbultje at gmail.com
Wed Dec 14 03:01:42 EET 2016
Hi,
On Tue, Dec 13, 2016 at 7:57 PM, Andreas Cadhalpun <
andreas.cadhalpun at googlemail.com> wrote:
> Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>
> ---
> libavformat/4xm.c | 8 +++++++-
> 1 file changed, 7 insertions(+), 1 deletion(-)
>
> diff --git a/libavformat/4xm.c b/libavformat/4xm.c
> index 8a50778..2758b69 100644
> --- a/libavformat/4xm.c
> +++ b/libavformat/4xm.c
> @@ -163,6 +163,12 @@ static int parse_strk(AVFormatContext *s,
> return AVERROR_INVALIDDATA;
> }
>
> + if (fourxm->tracks[track].sample_rate > INT64_MAX /
> fourxm->tracks[track].bits / fourxm->tracks[track].channels) {
> + av_log(s, AV_LOG_ERROR, "Overflow during bit rate calculation %d
> * %d * %d\n",
> + fourxm->tracks[track].sample_rate,
> fourxm->tracks[track].bits, fourxm->tracks[track].channels);
> + return AVERROR_INVALIDDATA;
> + }
What is the functional effect of the overflow? Does it crash? Or is there
some other security issue?
Ronald
More information about the ffmpeg-devel
mailing list