[FFmpeg-devel] [PATCH 1/6] 4xm: prevent overflow during block alignment calculation
Michael Niedermayer
michael at niedermayer.cc
Thu Dec 15 17:48:39 EET 2016
On Thu, Dec 15, 2016 at 02:18:17AM +0100, Andreas Cadhalpun wrote:
> Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>
> ---
> libavformat/4xm.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/libavformat/4xm.c b/libavformat/4xm.c
> index 2758b69..308d889 100644
> --- a/libavformat/4xm.c
> +++ b/libavformat/4xm.c
> @@ -187,6 +187,11 @@ static int parse_strk(AVFormatContext *s,
> st->codecpar->bit_rate = (int64_t)st->codecpar->channels *
> st->codecpar->sample_rate *
> st->codecpar->bits_per_coded_sample;
> + if (st->codecpar->channels && st->codecpar->bits_per_coded_sample > INT_MAX / st->codecpar->channels) {
> + av_log(s, AV_LOG_ERROR, "Overflow during block alignment calculation %d * %d\n",
> + st->codecpar->channels, st->codecpar->bits_per_coded_sample);
> + return AVERROR_INVALIDDATA;
> + }
> st->codecpar->block_align = st->codecpar->channels *
> st->codecpar->bits_per_coded_sample;
should be ok, alternatively the parameters could be limited tighter,
they would need to be unrealistically large for an overflow
thx
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
I do not agree with what you have to say, but I'll defend to the death your
right to say it. -- Voltaire
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: Digital signature
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20161215/3a571aa6/attachment.sig>
More information about the ffmpeg-devel
mailing list