[FFmpeg-devel] [PATCH 4/9] genh: prevent overflow during block alignment calculation
Paul B Mahol
onemda at gmail.com
Sat Jan 7 10:29:35 EET 2017
On 1/7/17, Michael Niedermayer <michael at niedermayer.cc> wrote:
> On Fri, Jan 06, 2017 at 08:48:02PM +0100, Andreas Cadhalpun wrote:
>> Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>
>> ---
>> libavformat/genh.c | 1 +
>> 1 file changed, 1 insertion(+)
>>
>> diff --git a/libavformat/genh.c b/libavformat/genh.c
>> index b683e026d1..6ce2588ed3 100644
>> --- a/libavformat/genh.c
>> +++ b/libavformat/genh.c
>> @@ -74,6 +74,7 @@ static int genh_read_header(AVFormatContext *s)
>> case 0: st->codecpar->codec_id = AV_CODEC_ID_ADPCM_PSX;
>> break;
>> case 1:
>> case 11: st->codecpar->bits_per_coded_sample = 4;
>> + FF_RETURN_ON_OVERFLOW(s, st->codecpar->channels > INT_MAX /
>> 36)
>> st->codecpar->block_align = 36 * st->codecpar->channels;
>> st->codecpar->codec_id = AV_CODEC_ID_ADPCM_IMA_WAV;
>> break;
>> case 2: st->codecpar->codec_id = AV_CODEC_ID_ADPCM_DTK;
>> break;
>
> i see a channels * 1024 in genh_read_packet()
> is the added check sufficient ?
>
> also i think we should ask for a sample for a file that has a
> channel count beyond normal bounds
No, we should not as such samples are invalid.
More information about the ffmpeg-devel
mailing list