[FFmpeg-devel] [PATCH 5/9] ircamdec: prevent overflow during block alignment calculation
Ronald S. Bultje
rsbultje at gmail.com
Fri Jan 6 23:31:55 EET 2017
Hi,
On Fri, Jan 6, 2017 at 2:48 PM, Andreas Cadhalpun <
andreas.cadhalpun at googlemail.com> wrote:
> Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>
> ---
> libavformat/ircamdec.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/libavformat/ircamdec.c b/libavformat/ircamdec.c
> index 59f3a49411..f3cf4d0dc9 100644
> --- a/libavformat/ircamdec.c
> +++ b/libavformat/ircamdec.c
> @@ -96,6 +96,7 @@ static int ircam_read_header(AVFormatContext *s)
> }
>
> st->codecpar->bits_per_coded_sample = av_get_bits_per_sample(st->
> codecpar->codec_id);
> + FF_RETURN_ON_OVERFLOW(s, st->codecpar->channels &&
> st->codecpar->bits_per_coded_sample > INT_MAX / st->codecpar->channels)
> st->codecpar->block_align = st->codecpar->bits_per_coded_sample *
> st->codecpar->channels / 8;
> avpriv_set_pts_info(st, 64, 1, st->codecpar->sample_rate);
> avio_skip(s->pb, 1008);
I see this code a few lines up:
if (!channels || !sample_rate)
return AVERROR_INVALIDDATA;
So channels == 0 seems impossible to me.
Ronald
More information about the ffmpeg-devel
mailing list