[FFmpeg-devel] [PATCH 2/2] avformat/wavdec: check sample count validity
Ganesh Ajjanagadde
gajjanagadde at gmail.com
Thu Jul 30 22:06:54 CEST 2015
Can be used to fix Ticket4577
Signed-off-by: Ganesh Ajjanagadde <gajjanagadde at gmail.com>
---
libavformat/wavdec.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/libavformat/wavdec.c b/libavformat/wavdec.c
index 1803b5c..ba70da6 100644
--- a/libavformat/wavdec.c
+++ b/libavformat/wavdec.c
@@ -434,8 +434,13 @@ break_loop:
data_size = 0;
}
- if ( data_size > 0 && sample_count && st->codec->channels
- && (data_size << 3) / sample_count / st->codec->channels > st->codec->bits_per_coded_sample) {
+ if (st->codec->channels && sample_count > (INT64_MAX/st->codec->channels)) {
+ av_log(s, AV_LOG_WARNING, "Sample count %"PRId64" is too large\n", sample_count);
+ sample_count = 0;
+ }
+
+ if (data_size > 0 && st->codec->bit_rate > 0 && sample_count && st->codec->sample_rate
+ && (data_size << 3) / st->codec->bit_rate > (sample_count * st->codec->channels) / (st->codec->sample_rate)) {
av_log(s, AV_LOG_WARNING, "ignoring wrong sample_count %"PRId64"\n", sample_count);
sample_count = 0;
}
--
2.5.0
More information about the ffmpeg-devel
mailing list