[FFmpeg-devel] [PATCH] avcodec/binkaudio: Check sample_rate to avoid integer overflow
Michael Niedermayer
michaelni at gmx.at
Sun Feb 9 22:28:48 EET 2020
On Sat, Feb 01, 2020 at 11:48:06PM +0100, Michael Niedermayer wrote:
> On Sat, Feb 01, 2020 at 04:17:10PM +0100, Paul B Mahol wrote:
> > On 2/1/20, Michael Niedermayer <michael at niedermayer.cc> wrote:
> > > On Tue, Jan 14, 2020 at 04:04:29PM +0100, Paul B Mahol wrote:
> > >> This better belong to generic code.
> > >
> > > This specific check (which checks for INT_MAX) is specific to our
> > > bink audio code which does a +1
> > > so it would not fit in generic code
> > >
> > > We could arbitrarily decide on a maximum sample rate hardcode that
> > > and check for that in generic code.
> > > I can implement that if people prefer. It would not avoid all
> > > sample rate checks in codecs though ...
> >
> > sample rate can not be > INT_MAX
>
> no and the code also doesnt check > INT_MAX
> I think you maybe missed the = in >=
> theres a +1 and INT_MAX+1 is bad so INT_MAX is checked for
> we can do that in generic code but its only this decoder that has this
> issue other decoders may have other limits. That makes this specific
> check threshold bad for a check in generic code. Another threshold
> would work in generic code, it would be arbitrary though and limit
> most decoders more than needed
> Iam happy to implement what people prefer but the check as it is
> makes not much sense if its moved as is into generic code
any preferrance on how to solve this ?
or you are ok with the patch ?
thanks
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
If you drop bombs on a foreign country and kill a hundred thousand
innocent people, expect your government to call the consequence
"unprovoked inhuman terrorist attacks" and use it to justify dropping
more bombs and killing more people. The technology changed, the idea is old.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: not available
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20200209/17cf0f3f/attachment.sig>
More information about the ffmpeg-devel
mailing list