On 1/7/17, Michael Niedermayer <mich...@niedermayer.cc> wrote: > On Fri, Jan 06, 2017 at 08:48:02PM +0100, Andreas Cadhalpun wrote: >> Signed-off-by: Andreas Cadhalpun <andreas.cadhal...@googlemail.com> >> --- >> libavformat/genh.c | 1 + >> 1 file changed, 1 insertion(+) >> >> diff --git a/libavformat/genh.c b/libavformat/genh.c >> index b683e026d1..6ce2588ed3 100644 >> --- a/libavformat/genh.c >> +++ b/libavformat/genh.c >> @@ -74,6 +74,7 @@ static int genh_read_header(AVFormatContext *s) >> case 0: st->codecpar->codec_id = AV_CODEC_ID_ADPCM_PSX; >> break; >> case 1: >> case 11: st->codecpar->bits_per_coded_sample = 4; >> + FF_RETURN_ON_OVERFLOW(s, st->codecpar->channels > INT_MAX / >> 36) >> st->codecpar->block_align = 36 * st->codecpar->channels; >> st->codecpar->codec_id = AV_CODEC_ID_ADPCM_IMA_WAV; >> break; >> case 2: st->codecpar->codec_id = AV_CODEC_ID_ADPCM_DTK; >> break; > > i see a channels * 1024 in genh_read_packet() > is the added check sufficient ? > > also i think we should ask for a sample for a file that has a > channel count beyond normal bounds
No, we should not as such samples are invalid. _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
