[FFmpeg-devel] [PATCH 1/2] avcodec/liblc3dec: sanitize channel count in avctx
Stefano Sabatini
stefasab at gmail.com
Thu Apr 4 19:40:46 EEST 2024
On date Thursday 2024-04-04 13:29:35 -0300, James Almer wrote:
> Should prevent out of array accesses.
>
> Signed-off-by: James Almer <jamrial at gmail.com>
> ---
> libavcodec/liblc3dec.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/libavcodec/liblc3dec.c b/libavcodec/liblc3dec.c
> index c0a31bc91f..52364859d4 100644
> --- a/libavcodec/liblc3dec.c
> +++ b/libavcodec/liblc3dec.c
> @@ -46,6 +46,8 @@ static av_cold int liblc3_decode_init(AVCodecContext *avctx)
>
> if (avctx->extradata_size < 10)
> return AVERROR_INVALIDDATA;
> + if (channels < 0 || channels > DECODER_MAX_CHANNELS)
> + return AVERROR_INVALIDDATA;
add a log:
av_log(avctx, AV_LOG_ERROR,
"Invalid number of channels %d, max %d decoder channels are accepted\n",
channels, DECODER_MAX_CHANNES);
> liblc3->frame_us = AV_RL16(avctx->extradata + 0) * 10;
> liblc3->srate_hz = avctx->sample_rate;
LGTM otherwise, thanks.
More information about the ffmpeg-devel
mailing list