[FFmpeg-devel] [PATCH 6/6] pvfdec: prevent overflow during block alignment, calculation
Ronald S. Bultje
rsbultje at gmail.com
Thu Dec 15 15:04:23 EET 2016
Hi,
On Wed, Dec 14, 2016 at 8:19 PM, Andreas Cadhalpun <
andreas.cadhalpun at googlemail.com> wrote:
> Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>
> ---
> libavformat/pvfdec.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/libavformat/pvfdec.c b/libavformat/pvfdec.c
> index b9f6d4f..5eecc22 100644
> --- a/libavformat/pvfdec.c
> +++ b/libavformat/pvfdec.c
> @@ -56,6 +56,11 @@ static int pvf_read_header(AVFormatContext *s)
> st->codecpar->sample_rate = sample_rate;
> st->codecpar->codec_id = ff_get_pcm_codec_id(bps, 0, 1, 0xFFFF);
> st->codecpar->bits_per_coded_sample = bps;
> + if (bps > INT_MAX / st->codecpar->channels) {
> + av_log(s, AV_LOG_ERROR, "Overflow during block alignment
> calculation %d * %d\n",
> + bps, st->codecpar->channels);
> + return AVERROR_INVALIDDATA;
> + }
And this is what I meant.
Please stop. No. No. No. No. No. Not in codec code. Add these checks in
generic code if you care about the outcome, but please don't make each
codec a crapshoot like this.
Please. From a maintenance point of view, that's a much better approach.
Please stop for a second and think about my point of view here. I beg you.
Please.
Ronald
More information about the ffmpeg-devel
mailing list