[FFmpeg-cvslog] ffmdec: validate sample_rate

Andreas Cadhalpun git at videolan.org
Mon Nov 7 01:54:00 EET 2016


ffmpeg | branch: master | Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com> | Sun Oct 23 16:05:01 2016 +0200| [0009457dc09739685ee192c90d6691e1663c8b9c] | committer: Andreas Cadhalpun

ffmdec: validate sample_rate

A negative sample rate doesn't make sense and triggers assertions in
av_rescale_rnd.

Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0009457dc09739685ee192c90d6691e1663c8b9c
---

 libavformat/ffmdec.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/libavformat/ffmdec.c b/libavformat/ffmdec.c
index 16ba8ec..6b09be2 100644
--- a/libavformat/ffmdec.c
+++ b/libavformat/ffmdec.c
@@ -432,6 +432,11 @@ static int ffm2_read_header(AVFormatContext *s)
                 goto fail;
             }
             codec->sample_rate = avio_rb32(pb);
+            if (codec->sample_rate <= 0) {
+                av_log(s, AV_LOG_ERROR, "Invalid sample rate %d\n", codec->sample_rate);
+                ret = AVERROR_INVALIDDATA;
+                goto fail;
+            }
             codec->channels = avio_rl16(pb);
             codec->frame_size = avio_rl16(pb);
             break;
@@ -628,6 +633,10 @@ static int ffm_read_header(AVFormatContext *s)
             break;
         case AVMEDIA_TYPE_AUDIO:
             codec->sample_rate = avio_rb32(pb);
+            if (codec->sample_rate <= 0) {
+                av_log(s, AV_LOG_ERROR, "Invalid sample rate %d\n", codec->sample_rate);
+                goto fail;
+            }
             codec->channels = avio_rl16(pb);
             codec->frame_size = avio_rl16(pb);
             break;



More information about the ffmpeg-cvslog mailing list