[FFmpeg-cvslog] lavc/alac: Avoid allocating huge memory blocks for malicious alac input.

Carl Eugen Hoyos git at videolan.org
Sat Nov 4 18:09:11 EET 2017


ffmpeg | branch: master | Carl Eugen Hoyos <ceffmpeg at gmail.com> | Wed Nov  1 15:14:22 2017 +0100| [3357b68bc02d855a92656d7a474b22adb32ca1a7] | committer: Carl Eugen Hoyos

lavc/alac: Avoid allocating huge memory blocks for malicious alac input.

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=3357b68bc02d855a92656d7a474b22adb32ca1a7
---

 libavcodec/alac.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libavcodec/alac.c b/libavcodec/alac.c
index d6bd21ba13..93cf198eea 100644
--- a/libavcodec/alac.c
+++ b/libavcodec/alac.c
@@ -524,7 +524,7 @@ static int alac_set_info(ALACContext *alac)
 
     alac->max_samples_per_frame = bytestream2_get_be32u(&gb);
     if (!alac->max_samples_per_frame ||
-        alac->max_samples_per_frame > INT_MAX / sizeof(int32_t)) {
+        alac->max_samples_per_frame > 4096 * 4096) {
         av_log(alac->avctx, AV_LOG_ERROR,
                "max samples per frame invalid: %"PRIu32"\n",
                alac->max_samples_per_frame);
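
Review bot: the new upper bound "4096 * 4096" in the max_samples_per_frame check is an unexplained magic number; neither the code nor the commit message says why this value was chosen or which allocations it is meant to cap. The removed bound, INT_MAX / sizeof(int32_t), documented its own purpose (keeping a later multiplication by sizeof(int32_t) within int range). The new limit is smaller, so it still covers that overflow case, but a reader can no longer see that from the line itself. Consider a named constant with a short comment stating both the overflow guarantee and the intended memory ceiling. The log message could also print the limit, so a rejected file reports which bound it exceeded.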


