[FFmpeg-cvslog] avformat/kvag: Check sample_rate
Michael Niedermayer
git at videolan.org
Wed May 22 23:15:12 EEST 2024
ffmpeg | branch: release/7.0 | Michael Niedermayer <michael at niedermayer.cc> | Mon Apr 29 23:44:25 2024 +0200| [dba4b859d86b54fbf4201ca5c86a45d5b0764842] | committer: Michael Niedermayer
avformat/kvag: Check sample_rate
Fixes: Division by 0
Fixes: -copyts -start_at_zero -itsoffset 00:00:01 -itsscale 1 -ss 00:00:02 -i zgclab/ffmpeg_crash/poc1 output.mp4
Found-by: Wang Dawei and Zhou Geng, from Zhongguancun Laboratory
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit c26a762ea1bf028a33554a5f7a18d8dd7d82f5a8)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=dba4b859d86b54fbf4201ca5c86a45d5b0764842
---
libavformat/kvag.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/libavformat/kvag.c b/libavformat/kvag.c
index 1d0aee0994..b55aa893ec 100644
--- a/libavformat/kvag.c
+++ b/libavformat/kvag.c
@@ -38,7 +38,7 @@
typedef struct KVAGHeader {
uint32_t magic;
uint32_t data_size;
- uint32_t sample_rate;
+ int sample_rate;
uint16_t stereo;
} KVAGHeader;
@@ -70,6 +70,9 @@ static int kvag_read_header(AVFormatContext *s)
hdr.sample_rate = AV_RL32(buf + 8);
hdr.stereo = AV_RL16(buf + 12);
+ if (hdr.sample_rate <= 0)
+ return AVERROR_INVALIDDATA;
+
par = st->codecpar;
par->codec_type = AVMEDIA_TYPE_AUDIO;
par->codec_id = AV_CODEC_ID_ADPCM_IMA_SSI;
More information about the ffmpeg-cvslog
mailing list