[FFmpeg-devel] [PATCH] libopusdec: fix out-of-bounds read
Andreas Cadhalpun
andreas.cadhalpun at googlemail.com
Sun Nov 13 20:23:52 EET 2016
avc->channels can be 0.
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>
---
libavcodec/libopusdec.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavcodec/libopusdec.c b/libavcodec/libopusdec.c
index acc62f1..505ed57 100644
--- a/libavcodec/libopusdec.c
+++ b/libavcodec/libopusdec.c
@@ -50,7 +50,7 @@ static av_cold int libopus_decode_init(AVCodecContext *avc)
avc->sample_rate = 48000;
avc->sample_fmt = avc->request_sample_fmt == AV_SAMPLE_FMT_FLT ?
AV_SAMPLE_FMT_FLT : AV_SAMPLE_FMT_S16;
- avc->channel_layout = avc->channels > 8 ? 0 :
+ avc->channel_layout = (avc->channels > 8 || avc->channels < 1) ? 0 :
ff_vorbis_channel_layouts[avc->channels - 1];
if (avc->extradata_size >= OPUS_HEAD_SIZE) {
--
2.10.2
More information about the ffmpeg-devel
mailing list