[FFmpeg-devel] [libav-devel] [PATCH] libopusdec: fix out-of-bounds read
Andreas Cadhalpun
andreas.cadhalpun at googlemail.com
Tue Nov 15 00:40:05 EET 2016
On 14.11.2016 22:59, Carl Eugen Hoyos wrote:
> 2016-11-14 21:55 GMT+01:00 Andreas Cadhalpun <andreas.cadhalpun at googlemail.com>:
>
>>> channels being zero is perfectly valid, it means the caller does not
>>> know the channel count and expects the decoder to read it from the
>>> bitstream.
>>
>> In general code this is correct, however if e.g. the matroska demuxer
>> reads an audio stream which claims to have 0 channels, it should
>> be rejected as broken.
>
> I don't know the exact "broken" case you are referring to but
> generally, FFmpeg should not reject files because a field in
> their header is set incorrectly, especially if such "broken"
> files were played in the past.
Well, if the field should contain the number of channels but doesn't,
the sample is not correct.
Anyway, zero channels is borderline, but what about a negative number
of channels?
Best regards,
Andreas
More information about the ffmpeg-devel
mailing list