On 4/28/2016 8:13 AM, Paul B Mahol wrote:
> +static av_cold int bonk_init(AVCodecContext *avctx)
> +{
> + BonkContext *s = avctx->priv_data;
> + int i;
> +
> + avctx->sample_fmt = AV_SAMPLE_FMT_S16;
> + if (avctx->extradata_size < 17)
> + return AVERROR(EINVAL);
> +
> + if (avctx->channels < 1 || avctx->channels > 2)
> + return AVERROR_INVALIDDATA;
> +
> + s->nb_samples = AV_RL32(avctx->extradata + 1) / avctx->channels;
> + if (!s->nb_samples)
> + s->nb_samples = UINT64_MAX;
> + s->lossless = avctx->extradata[10] != 0;
> + s->mid_side = avctx->extradata[11] != 0;
> + s->n_taps = AV_RL16(avctx->extradata + 12);
> + if (!s->n_taps || s->n_taps > 2048)
> + return AVERROR(EINVAL);
> +
> + s->down_sampling = avctx->extradata[14];
> + if (!s->down_sampling)
> + return AVERROR(EINVAL);
> + if (!avctx->channels || avctx->channels > 2)
You already checked this above.
[...]
> +static int bonk_read_header(AVFormatContext *s)
> +{
> + AVStream *st;
> + int ret, i;
> +
> + for (i = 0; !avio_feof(s->pb); i++) {
> + int b = avio_r8(s->pb);
> + if (!b && avio_rl32(s->pb) == MKTAG('B','O','N','K'))
> + break;
> + else if (!b)
> + return AVERROR_INVALIDDATA;
> + }
> +
> + st = avformat_new_stream(s, NULL);
> + if (!st)
> + return AVERROR(ENOMEM);
> + if ((ret = ff_get_extradata(s, st->codecpar, s->pb, 17)) < 0)
> + return ret;
> + st->codecpar->codec_type = AVMEDIA_TYPE_AUDIO;
> + st->codecpar->codec_id = AV_CODEC_ID_BONK;
> + st->codecpar->sample_rate = AV_RL32(st->codecpar->extradata + 5);
> + st->codecpar->channels = st->codecpar->extradata[9];
And you forgot to check these two here :P
Especially channels since the next line could end up in a division by 0.
> + st->duration = AV_RL32(st->codecpar->extradata + 1) /
> st->codecpar->channels;
> + st->need_parsing = AVSTREAM_PARSE_FULL_RAW;
> + avpriv_set_pts_info(st, 64, 1, st->codecpar->sample_rate);
> +
> + return 0;
> +}
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
