[FFmpeg-devel] [PATCH] avformat/mov: Stricter sanity checks on the display_matrix

Michael Niedermayer michaelni at gmx.at
Wed Jan 21 17:02:01 CET 2015


Fixes "broken" tkhd
Found-by: koda
Signed-off-by: Michael Niedermayer <michaelni at gmx.at>
---
 libavformat/mov.c |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/libavformat/mov.c b/libavformat/mov.c
index 556411f..6851947 100644
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -2874,7 +2874,8 @@ static int mov_read_tkhd(MOVContext *c, AVIOContext *pb, MOVAtom atom)
         for (i = 0; i < 2; i++)
             disp_transform[i] = sqrt(SQR(display_matrix[i][0]) + SQR(display_matrix[i][1]));
 
-        if (disp_transform[0] > 0 && disp_transform[1] > 0 &&
+        if (disp_transform[0] > 0       && disp_transform[1] > 0 &&
+            disp_transform[0] < (1<<24) && disp_transform[1] < (1<<24) &&
             fabs((disp_transform[0] / disp_transform[1]) - 1.0) > 0.01)
             st->sample_aspect_ratio = av_d2q(
                 disp_transform[0] / disp_transform[1],
-- 
1.7.9.5



More information about the ffmpeg-devel mailing list