[FFmpeg-cvslog] r3d: Add more input value validation
Martin Storsjö
git at videolan.org
Tue Oct 8 02:07:44 CEST 2013
ffmpeg | branch: release/1.1 | Martin Storsjö <martin at martin.st> | Thu Sep 19 17:02:36 2013 +0300| [99fe4c577fc88dc7421b6aa6837e65401b5e56db] | committer: Luca Barbato
r3d: Add more input value validation
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable at libav.org
Signed-off-by: Martin Storsjö <martin at martin.st>
Conflicts:
libavformat/r3d.c
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=99fe4c577fc88dc7421b6aa6837e65401b5e56db
---
libavformat/r3d.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/libavformat/r3d.c b/libavformat/r3d.c
index a4cb20a..543043e 100644
--- a/libavformat/r3d.c
+++ b/libavformat/r3d.c
@@ -87,7 +87,7 @@ static int r3d_read_red1(AVFormatContext *s)
framerate.num = avio_rb16(s->pb);
framerate.den = avio_rb16(s->pb);
- if (framerate.num && framerate.den) {
+ if (framerate.num > 0 && framerate.den > 0) {
#if FF_API_R_FRAME_RATE
st->r_frame_rate =
#endif
@@ -286,6 +286,10 @@ static int r3d_read_reda(AVFormatContext *s, AVPacket *pkt, Atom *atom)
dts = avio_rb32(s->pb);
st->codec->sample_rate = avio_rb32(s->pb);
+ if (st->codec->sample_rate <= 0) {
+ av_log(s, AV_LOG_ERROR, "Bad sample rate\n");
+ return AVERROR_INVALIDDATA;
+ }
samples = avio_rb32(s->pb);
More information about the ffmpeg-cvslog
mailing list