[FFmpeg-devel] [PATCH] check for mod by zero (issue 2502)

Michael Niedermayer michaelni
Fri Jan 7 03:48:03 CET 2011


On Thu, Jan 06, 2011 at 09:36:28PM -0500, Daniel Kang wrote:
> For PCM audio, ffmpeg does not check of the sample_size is zero before
> multiplying, then modding. This causes ffmpeg to crash with SIGPE for
> invalid sample_size. The patch attached adds a check for this.
> 
> The roundup issue is 2502.

>  pcm.c |    4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 349f5361ba6f50e9e3f82445ab78f1d8e36c5165  pcm_sanity_check.diff
> From 474824a13fe578e241ce61e8bf4305e647eb8595 Mon Sep 17 00:00:00 2001
> From: Daniel Kang <daniel.d.kang at gmail.com>
> Date: Thu, 6 Jan 2011 21:03:27 -0500
> Subject: [PATCH] Add check for pcm files.
> 
> ---
>  libavcodec/pcm.c |    4 ++--
>  1 files changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/libavcodec/pcm.c b/libavcodec/pcm.c
> index b6b49dc..992189f 100644
> --- a/libavcodec/pcm.c
> +++ b/libavcodec/pcm.c
> @@ -294,8 +294,8 @@ static int pcm_decode_frame(AVCodecContext *avctx,
> 
>      n = avctx->channels * sample_size;
> 
> -    if(n && buf_size % n){
> -        if (buf_size < n) {
> +    if((n == 0)||(n && buf_size % n)){
> +        if ((n == 0) || (buf_size < n)) {
>              av_log(avctx, AV_LOG_ERROR, "invalid PCM packet\n");
>              return -1;

av_get_bits_per_sample(avctx->codec_id) == 0
could be checked in pcm_decode_init()
that way failure would happen earlier instead of later failing for every packet

[...]
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

The real ebay dictionary, page 3
"Rare item" - "Common item with rare defect or maybe just a lie"
"Professional" - "'Toy' made in china, not functional except as doorstop"
"Experts will know" - "The seller hopes you are not an expert"
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.mplayerhq.hu/pipermail/ffmpeg-devel/attachments/20110107/f5539caf/attachment.pgp>



More information about the ffmpeg-devel mailing list