[FFmpeg-devel] [PATCH 2/9] 4xm: prevent overflow during block alignment calculation

Michael Niedermayer michael at niedermayer.cc
Sat Jan 7 03:31:20 EET 2017


On Fri, Jan 06, 2017 at 09:27:29PM +0100, Andreas Cadhalpun wrote:
> On 06.01.2017 20:58, Ronald S. Bultje wrote:
> > Hi,
> > 
> > On Fri, Jan 6, 2017 at 2:47 PM, Andreas Cadhalpun <
> > andreas.cadhalpun at googlemail.com> wrote:
> > 
> >> Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>
> >> ---
> >>  libavformat/4xm.c | 1 +
> >>  1 file changed, 1 insertion(+)
> >>
> >> diff --git a/libavformat/4xm.c b/libavformat/4xm.c
> >> index 2758b69d29..45949c4e97 100644
> >> --- a/libavformat/4xm.c
> >> +++ b/libavformat/4xm.c
> >> @@ -187,6 +187,7 @@ static int parse_strk(AVFormatContext *s,
> >>      st->codecpar->bit_rate              = (int64_t)st->codecpar->channels
> >> *
> >>                                            st->codecpar->sample_rate *
> >>                                            st->codecpar->bits_per_coded_
> >> sample;
> >> +    FF_RETURN_ON_OVERFLOW(s, st->codecpar->channels &&
> >> st->codecpar->bits_per_coded_sample > INT_MAX / st->codecpar->channels)
> >>      st->codecpar->block_align           = st->codecpar->channels *
> >>                                            st->codecpar->bits_per_coded_
> >> sample;
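Review bot: the `st->codecpar->channels &&` guard in the added FF_RETURN_ON_OVERFLOW line exists only to keep `INT_MAX / st->codecpar->channels` from dividing by zero, but nothing in the hunk explains that, so to a reader it looks as if zero channels were a valid state being handled here; if parse_strk already rejects channels == 0 earlier (as Andreas states further down the thread), drop the guard, otherwise add a one-line comment naming the divide-by-zero as the reason. The bit_rate product above is already widened with `(int64_t)`, so only block_align needs the check, and placing it between the two assignments is fine.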
> >>
> >> --
> >> 2.11.0
> > 
> > 
> > To an innocent reader (who doesn't know/care about SIGFPE), this might look
> > like channels = 0 is an actual valid decoder condition that is explicitly
> > handled here.
> 
> Actually this function errors out earlier if channels is zero, so I've removed
> this pointless additional check. Updated patch is attached.
> 
> Best regards,
> Andreas
> 
> 

>  4xm.c |    1 +
>  1 file changed, 1 insertion(+)
> 4b27cb10f25865014fac1666956f7040d65113f9  0002-4xm-prevent-overflow-during-block-alignment-calculat.patch
> From 861b62eec30feaa56b10eec7ba4029daf48a3c28 Mon Sep 17 00:00:00 2001
> From: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>
> Date: Thu, 15 Dec 2016 02:14:31 +0100
> Subject: [PATCH 2/9] 4xm: prevent overflow during block alignment calculation
> 
> Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>
> ---
>  libavformat/4xm.c | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/libavformat/4xm.c b/libavformat/4xm.c
> index 2758b69d29..58729fed0d 100644
> --- a/libavformat/4xm.c
> +++ b/libavformat/4xm.c
> @@ -187,6 +187,7 @@ static int parse_strk(AVFormatContext *s,
>      st->codecpar->bit_rate              = (int64_t)st->codecpar->channels *
>                                            st->codecpar->sample_rate *
>                                            st->codecpar->bits_per_coded_sample;
> +    FF_RETURN_ON_OVERFLOW(s, st->codecpar->bits_per_coded_sample > INT_MAX / st->codecpar->channels)
>      st->codecpar->block_align           = st->codecpar->channels *
>                                            st->codecpar->bits_per_coded_sample;
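Review bot: the check `bits_per_coded_sample > INT_MAX / channels` is correct for the int product only if both operands are non-negative; a negative bits_per_coded_sample passes the `>` test and yields a negative block_align, so if that field comes straight from the file header without an earlier range check, the condition should also reject `bits_per_coded_sample < 0` (or the earlier validation should be referenced in the commit message). The added line also runs well past 80 columns; wrapping the condition after the comma would match the surrounding code.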

I think we should check channels for > 8 or something and ask for a
sample, and check bits_per_coded_sample against the maximal sensible
value of bits per sample and ask for a sample if above

the patch should be ok

thx

[...]

-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

it is not once nor twice but times without number that the same ideas make
their appearance in the world. -- Aristotle
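As an added stand-alone illustration (not FFmpeg code and not the FF_RETURN_ON_OVERFLOW macro from the patch), here is the block_align overflow check from the hunk above written as a C helper, including the zero-divisor edge case the first version of the patch guarded against, plus the plausibility bound Michael suggests; the channel and bits-per-sample limits are assumed values, not anything the 4xm demuxer defines.

```c
#include <limits.h>
#include <stdio.h>

/* Added example, not FFmpeg code. Computes block_align = channels *
 * bits_per_coded_sample and refuses the product when it would not fit
 * in an int. The division-based test is the one the patch uses.
 * Returns 0 on success, -1 on overflow or an unusable operand. */
static int checked_block_align(int channels, int bits_per_coded_sample, int *out)
{
    /* INT_MAX / channels is undefined for channels == 0 (SIGFPE on x86),
     * which is why the first version of the patch carried a channels &&
     * guard; parse_strk rejects channels == 0 earlier, but this helper is
     * stand-alone, so it rejects it here. A negative bits_per_coded_sample
     * would slip past the > test and give a negative block_align, so it is
     * rejected too. */
    if (channels <= 0 || bits_per_coded_sample < 0)
        return -1;
    if (bits_per_coded_sample > INT_MAX / channels)
        return -1; /* channels * bits_per_coded_sample would exceed INT_MAX */
    *out = channels * bits_per_coded_sample;
    return 0;
}

/* Plausibility bounds in the spirit of Michael's suggestion: anything
 * above these is not a believable 4xm stream. The exact numbers are
 * assumptions for this example. */
#define MAX_SANE_CHANNELS        8
#define MAX_SANE_BITS_PER_SAMPLE 32

static int block_align_if_sane(int channels, int bits_per_coded_sample, int *out)
{
    if (channels > MAX_SANE_CHANNELS || bits_per_coded_sample > MAX_SANE_BITS_PER_SAMPLE)
        return -1; /* reject before even trying the arithmetic */
    return checked_block_align(channels, bits_per_coded_sample, out);
}

int main(void)
{
    int ba = 0;
    /* Constructed inputs: an ordinary header and one crafted to overflow. */
    printf("2 ch x 16 bit: %s (block_align=%d)\n",
           checked_block_align(2, 16, &ba) == 0 ? "ok" : "rejected", ba);
    printf("3 ch x %d bit: %s\n", INT_MAX / 2,
           checked_block_align(3, INT_MAX / 2, &ba) == 0 ? "ok" : "rejected");
    return 0;
}
```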