On 11.07.2015 00:49, Michael Niedermayer wrote:
> On Sat, Jul 11, 2015 at 12:39:09AM +0200, Andreas Cadhalpun wrote:
>> Signed-off-by: Andreas Cadhalpun <andreas.cadhal...@googlemail.com>
>> ---
>>  libavformat/riffdec.c | 5 +++++
>>  1 file changed, 5 insertions(+)
>>
>> diff --git a/libavformat/riffdec.c b/libavformat/riffdec.c
>> index eebd8ed..be55699 100644
>> --- a/libavformat/riffdec.c
>> +++ b/libavformat/riffdec.c
>> @@ -106,6 +106,11 @@ int ff_get_wav_header(AVIOContext *pb, AVCodecContext 
>> *codec, int size, int big_
>>          codec->bit_rate    = avio_rb32(pb) * 8;
>>          codec->block_align = avio_rb16(pb);
>>      }
>> +    if (codec->bit_rate < 0) {
>> +        av_log(NULL, AV_LOG_ERROR,
>> +               "Invalid bit rate: %d\n", codec->bit_rate);
>> +        return AVERROR_INVALIDDATA;
>> +    }
> 
> i think it might be better to just warn on a invalid bitrate and only
> error out if AV_EF_EXPLODE is set
> because erroring out from header reading coul end all
> further decoding of that stream (which might in principle be fine
> otherwise)

Makes sense, new patch attached.
Note however that the explode mode doesn't necessarily work, because e.g.
the avi demuxer doesn't set err_recognition for the AVCodecContext.

Best regards,
Andreas



>From 10b32efc74f6e1795a02cfcf84fd0e82c5b1dcdc Mon Sep 17 00:00:00 2001
From: Andreas Cadhalpun <andreas.cadhal...@googlemail.com>
Date: Sat, 11 Jul 2015 00:09:46 +0200
Subject: [PATCH] riffdec: prevent negative bit rate

Signed-off-by: Andreas Cadhalpun <andreas.cadhal...@googlemail.com>
---
 libavformat/riffdec.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/libavformat/riffdec.c b/libavformat/riffdec.c
index eebd8ed..b3f5d33 100644
--- a/libavformat/riffdec.c
+++ b/libavformat/riffdec.c
@@ -106,6 +106,14 @@ int ff_get_wav_header(AVIOContext *pb, AVCodecContext *codec, int size, int big_
         codec->bit_rate    = avio_rb32(pb) * 8;
         codec->block_align = avio_rb16(pb);
     }
+    if (codec->bit_rate < 0) {
+        av_log(NULL, AV_LOG_WARNING,
+               "Invalid bit rate: %d\n", codec->bit_rate);
+        if (codec->err_recognition & AV_EF_EXPLODE)
+            return AVERROR_INVALIDDATA;
+        else
+            codec->bit_rate = 0;
+    }
     if (size == 14) {  /* We're dealing with plain vanilla WAVEFORMAT */
         codec->bits_per_coded_sample = 8;
     } else {
-- 
2.1.4

_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

Reply via email to