Re: [FFmpeg-devel] [PATCH] rsd: limit number of channels

2016-10-20 Thread Andreas Cadhalpun
On 20.10.2016 02:04, Michael Niedermayer wrote: > On Wed, Oct 19, 2016 at 11:46:43PM +0200, Andreas Cadhalpun wrote: >> Negative values don't make sense and too large values can cause >> overflows. For AV_CODEC_ID_ADPCM_THP this leads to a too small extradata >> buffer being allocated, causing out-

Re: [FFmpeg-devel] [PATCH] rsd: limit number of channels

2016-10-19 Thread Michael Niedermayer
On Wed, Oct 19, 2016 at 11:46:43PM +0200, Andreas Cadhalpun wrote: > Negative values don't make sense and too large values can cause > overflows. For AV_CODEC_ID_ADPCM_THP this leads to a too small extradata > buffer being allocated, causing out-of-bounds writes. > > Signed-off-by: Andreas Cadhalp