On Fri, Jan 06, 2017 at 09:27:29PM +0100, Andreas Cadhalpun wrote: > On 06.01.2017 20:58, Ronald S. Bultje wrote: > > Hi, > > > > On Fri, Jan 6, 2017 at 2:47 PM, Andreas Cadhalpun < > > andreas.cadhal...@googlemail.com> wrote: > > > >> Signed-off-by: Andreas Cadhalpun <andreas.cadhal...@googlemail.com> > >> --- > >> libavformat/4xm.c | 1 + > >> 1 file changed, 1 insertion(+) > >> > >> diff --git a/libavformat/4xm.c b/libavformat/4xm.c > >> index 2758b69d29..45949c4e97 100644 > >> --- a/libavformat/4xm.c > >> +++ b/libavformat/4xm.c > >> @@ -187,6 +187,7 @@ static int parse_strk(AVFormatContext *s, > >> st->codecpar->bit_rate = (int64_t)st->codecpar->channels > >> * > >> st->codecpar->sample_rate * > >> st->codecpar->bits_per_coded_ > >> sample; > >> + FF_RETURN_ON_OVERFLOW(s, st->codecpar->channels && > >> st->codecpar->bits_per_coded_sample > INT_MAX / st->codecpar->channels) > >> st->codecpar->block_align = st->codecpar->channels * > >> st->codecpar->bits_per_coded_ > >> sample; > >> > >> -- > >> 2.11.0 > > > > > > To an innocent reader (who doesn't know/care about SIGFPE), this might look > > like channels = 0 is an actual valid decoder condition that is explicitly > > handled here. > > Actually this function errors out earlier if channels is zero, so I've removed > this pointless additional check. Updated patch is attached. > > Best regards, > Andreas > >
> 4xm.c | 1 + > 1 file changed, 1 insertion(+) > 4b27cb10f25865014fac1666956f7040d65113f9 > 0002-4xm-prevent-overflow-during-block-alignment-calculat.patch > From 861b62eec30feaa56b10eec7ba4029daf48a3c28 Mon Sep 17 00:00:00 2001 > From: Andreas Cadhalpun <andreas.cadhal...@googlemail.com> > Date: Thu, 15 Dec 2016 02:14:31 +0100 > Subject: [PATCH 2/9] 4xm: prevent overflow during block alignment calculation > > Signed-off-by: Andreas Cadhalpun <andreas.cadhal...@googlemail.com> > --- > libavformat/4xm.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/libavformat/4xm.c b/libavformat/4xm.c > index 2758b69d29..58729fed0d 100644 > --- a/libavformat/4xm.c > +++ b/libavformat/4xm.c > @@ -187,6 +187,7 @@ static int parse_strk(AVFormatContext *s, > st->codecpar->bit_rate = (int64_t)st->codecpar->channels * > st->codecpar->sample_rate * > > st->codecpar->bits_per_coded_sample; > + FF_RETURN_ON_OVERFLOW(s, st->codecpar->bits_per_coded_sample > INT_MAX / > st->codecpar->channels) > st->codecpar->block_align = st->codecpar->channels * > > st->codecpar->bits_per_coded_sample;

i think we should check channels for > 8 or something and ask for a sample
and check bits_per_coded_sample against what maximal sensible value
of bits a sample and ask for a sample if above

the patch should be ok

thx

[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

it is not once nor twice but times without number that the same ideas make
their appearance in the world. -- Aristotle
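
Review bot: In the updated hunk, the added FF_RETURN_ON_OVERFLOW guard divides INT_MAX by st->codecpar->channels, and nothing in the hunk shows that channels is nonzero or that both operands are non-negative, so the check is only correct given validation done outside these lines. The thread says parse_strk errors out earlier when channels is zero; a one-line comment above the guard naming that earlier check would keep the division safe if the function is reordered later. The comparison also bounds the product only from above, so a negative bits_per_coded_sample would pass it; if the earlier validation does not already reject negatives, either extend the condition or do the multiplication in int64_t, as the bit_rate line above does, and range-check the result before assigning block_align. The macro line has no trailing semicolon, which reads as a typo next to the surrounding statements unless the macro supplies its own.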