[FFmpeg-devel] [PATCH 2/2] matroskadec: validate audio channels and bitdepth
Andreas Cadhalpun
andreas.cadhalpun at googlemail.com
Mon Jun 15 21:17:44 CEST 2015
The values are written with avio_wl16 and if they don't fit into
uint16_t, this triggers an av_assert2 in avio_w8.
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>
---
libavformat/matroskadec.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/libavformat/matroskadec.c b/libavformat/matroskadec.c
index 81dd53f..7af03c9 100644
--- a/libavformat/matroskadec.c
+++ b/libavformat/matroskadec.c
@@ -1889,6 +1889,14 @@ static int matroska_parse_tracks(AVFormatContext *s)
NULL, NULL, NULL, NULL);
avio_write(&b, "TTA1", 4);
avio_wl16(&b, 1);
+ if (track->audio.channels > UINT16_MAX ||
+ track->audio.bitdepth > UINT16_MAX) {
+ av_log(matroska->ctx, AV_LOG_ERROR,
+ "Too large audio channel number %"PRIu64
+ " or bitdepth %"PRIu64".\n",
+ track->audio.channels, track->audio.bitdepth);
+ return AVERROR_INVALIDDATA;
+ }
avio_wl16(&b, track->audio.channels);
avio_wl16(&b, track->audio.bitdepth);
if (track->audio.out_samplerate < 0 || track->audio.out_samplerate > INT_MAX)
--
2.1.4
More information about the ffmpeg-devel
mailing list