[FFmpeg-devel] [PATCH 2/2] lavc/tak: do not store invalid values in stream info

Anton Khirnov anton at khirnov.net
Thu May 4 21:49:21 EEST 2023 

When tak_get_nb_samples() fails, it will currently write
AVERROR_INVALIDDATA as TAKStreamInfo.frame_samples. The parser will then
use this negative value as a frame duration, which leads to various
breakage.

Avoid this by returning the error code from tak_parse_streaminfo()
directly and never store negative values in the parsed header.
---
 libavcodec/tak.c | 20 +++++++++++++-------
 1 file changed, 13 insertions(+), 7 deletions(-)

diff --git a/libavcodec/tak.c b/libavcodec/tak.c
index d1604dc9d2..628609b71b 100644
--- a/libavcodec/tak.c
+++ b/libavcodec/tak.c
@@ -92,10 +92,10 @@ int ff_tak_check_crc(const uint8_t *buf, unsigned int buf_size)
     return 0;
 }
 
-static void tak_parse_streaminfo(TAKStreamInfo *s, GetBitContext *gb)
+static int tak_parse_streaminfo(TAKStreamInfo *s, GetBitContext *gb)
 {
     uint64_t channel_mask = 0;
-    int frame_type, i;
+    int frame_type, i, ret;
 
     s->codec = get_bits(gb, TAK_ENCODER_CODEC_BITS);
     skip_bits(gb, TAK_ENCODER_PROFILE_BITS);
@@ -124,7 +124,13 @@ static void tak_parse_streaminfo(TAKStreamInfo *s, GetBitContext *gb)
     }
 
     s->ch_layout     = channel_mask;
-    s->frame_samples = tak_get_nb_samples(s->sample_rate, frame_type);
+
+    ret = tak_get_nb_samples(s->sample_rate, frame_type);
+    if (ret < 0)
+        return ret;
+    s->frame_samples = ret;
+
+    return 0;
 }
 
 int avpriv_tak_parse_streaminfo(TAKStreamInfo *s, const uint8_t *buf, int size)
@@ -135,9 +141,7 @@ int avpriv_tak_parse_streaminfo(TAKStreamInfo *s, const uint8_t *buf, int size)
     if (ret < 0)
         return AVERROR_INVALIDDATA;
 
-    tak_parse_streaminfo(s, &gb);
-
-    return 0;
+    return tak_parse_streaminfo(s, &gb);
 }
 
 int ff_tak_decode_frame_header(AVCodecContext *avctx, GetBitContext *gb,
@@ -159,7 +163,9 @@ int ff_tak_decode_frame_header(AVCodecContext *avctx, GetBitContext *gb,
     }
 
     if (ti->flags & TAK_FRAME_FLAG_HAS_INFO) {
-        tak_parse_streaminfo(ti, gb);
+        int ret = tak_parse_streaminfo(ti, gb);
+        if (ret < 0)
+            return ret;
 
         if (get_bits(gb, 6))
             skip_bits(gb, 25);
-- 
2.39.2

More information about the ffmpeg-devel mailing list