On Thu, Dec 15, 2016 at 02:18:17AM +0100, Andreas Cadhalpun wrote: > Signed-off-by: Andreas Cadhalpun <andreas.cadhal...@googlemail.com> > --- > libavformat/4xm.c | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/libavformat/4xm.c b/libavformat/4xm.c > index 2758b69..308d889 100644 > --- a/libavformat/4xm.c > +++ b/libavformat/4xm.c > @@ -187,6 +187,11 @@ static int parse_strk(AVFormatContext *s, > st->codecpar->bit_rate = (int64_t)st->codecpar->channels * > st->codecpar->sample_rate * > > st->codecpar->bits_per_coded_sample; > + if (st->codecpar->channels && st->codecpar->bits_per_coded_sample > > INT_MAX / st->codecpar->channels) { > + av_log(s, AV_LOG_ERROR, "Overflow during block alignment calculation > %d * %d\n", > + st->codecpar->channels, st->codecpar->bits_per_coded_sample); > + return AVERROR_INVALIDDATA; > + } > st->codecpar->block_align = st->codecpar->channels * > > st->codecpar->bits_per_coded_sample;
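Review bot: The new guard, placed just before the block_align assignment, only rejects a positive product above INT_MAX, and the bit_rate expression directly above it is left unprotected. That expression multiplies three int fields after widening the first to int64_t, so sufficiently large channels, sample_rate and bits_per_coded_sample can still overflow it. The condition also does nothing for a negative bits_per_coded_sample paired with a positive channels value; whether negative values are rejected earlier in parse_strk is not visible in this hunk. Range-checking channels, sample_rate and bits_per_coded_sample once, where they are read, would cover both the bit_rate and the block_align calculations and make the per-multiplication test unnecessary.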
should be ok, alternatively the parameters could be limited tighter, they would need to be unrealistically large for an overflow

thx

[...]
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

I do not agree with what you have to say, but I'll defend to the death your right to say it. -- Voltaire
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel