[FFmpeg-devel] [PATCH] oggparsevorbis: protection from rotten oggs

Alex Converse alex.converse
Sat Aug 7 23:31:13 CEST 2010


On Sat, Aug 7, 2010 at 5:14 PM, David Conrad <lessen42 at gmail.com> wrote:
> On Aug 7, 2010, at 4:02 PM, Alex Converse wrote:
>
>> The patch adds some sanity checks for requirements of a valid Vorbis I
>> stream from 4.2.1 and 4.2.2 to oggparsevorbis.c.
>
>> Index: libavformat/oggparsevorbis.c
>> ===================================================================
>> --- libavformat/oggparsevorbis.c ? ? ?(revision 24726)
>> +++ libavformat/oggparsevorbis.c ? ? ?(working copy)
>> @@ -206,6 +206,12 @@
>> ? ? ? ? ?return -1;
>>
>> ? ? ?priv = os->private;
>> +
>> + ? ?if (priv->packet[pkt_type>>1])
>> + ? ? ? ?return -1;
>> + ? ?if (pkt_type > 1 && !priv->packet[0] || pkt_type > 3 && !priv->packet[1])
>> + ? ? ? ?return -1;
>> +
>> ? ? ?priv->len[pkt_type >> 1] = os->psize;
>> ? ? ?priv->packet[pkt_type >> 1] = av_mallocz(os->psize);
>> ? ? ?memcpy(priv->packet[pkt_type >> 1], os->buf + os->pstart, os->psize);
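
Review bot: The added condition `pkt_type > 1 && !priv->packet[0] || pkt_type > 3 && !priv->packet[1]` mixes `&&` and `||` without parentheses. It evaluates as intended, but it is hard to read and will draw a compiler warning. Wrap each `&&` pair in parentheses and add a one-line comment saying that a header packet is rejected when an earlier header has not been seen yet, and that the first check rejects a repeated header of the same type. Both new returns are a bare -1 with no log message, so a rejected file gives the user no hint which rule it broke. Separately, the unchanged context lines right after the new checks pass the result of `av_mallocz(os->psize)` straight to `memcpy` with no NULL check; since this hunk is about hardening against bad input, that is worth fixing in the same place.
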
>
> OK

Applied

>
>> @@ -220,7 +226,11 @@
>> ? ? ? ? ? ? ?return -1;
>>
>> ? ? ? ? ?st->codec->channels = bytestream_get_byte(&p);
>> + ? ? ? ?if (!st->codec->channels)
>> + ? ? ? ? ? ?return -1;
>> ? ? ? ? ?st->codec->sample_rate = bytestream_get_le32(&p);
>> + ? ? ? ?if (st->codec->sample_rate <= 0)
>> + ? ? ? ? ? ?return -1;
>> ? ? ? ? ?p += 4; // skip maximum bitrate
>> ? ? ? ? ?st->codec->bit_rate = bytestream_get_le32(&p); // nominal bitrate
>> ? ? ? ? ?p += 4; // skip minimum bitrate
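
Review bot: Both new checks run after the untrusted value has already been written into `st->codec->channels` and `st->codec->sample_rate`, so on the error return the codec context still holds the rejected zero or non-positive value. Read each field into a local, validate it, and assign to `st->codec` only once it has passed. The `sample_rate <= 0` test also depends on the destination being a signed type, because `bytestream_get_le32` reads a 32-bit value from the file; if the intent is to reject values with the top bit set, say so in a comment or compare against an explicit upper bound. As with the first hunk, the bare `return -1` paths carry no log message naming the field that failed.
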
>
> I'm sure there are other containers/codecs that don't check these for nonzero and/or positive, there isn't a check in utils.c or similar?

Dropped


