[FFmpeg-devel] [PATCH 5/8] Reject audio tracks with invalid interleaver parameters in RM demuxer.
Laurent Aimar
fenrir at elivagar.org
Sat Sep 17 21:49:04 CEST 2011
On Sat, Sep 17, 2011 at 04:56:33PM +0200, fenrir at elivagar.org wrote:
> From: Laurent Aimar <fenrir at videolan.org>
>
> ---
> libavformat/rmdec.c | 10 ++++++----
> 1 files changed, 6 insertions(+), 4 deletions(-)
>
> diff --git a/libavformat/rmdec.c b/libavformat/rmdec.c
> index 1c96573..81f563e 100644
> --- a/libavformat/rmdec.c
> +++ b/libavformat/rmdec.c
> @@ -215,8 +215,9 @@ static int rm_read_audio_stream_info(AVFormatContext *s, AVIOContext *pb,
> ast->audio_framesize = st->codec->block_align;
> st->codec->block_align = coded_framesize;
>
> - if(ast->audio_framesize >= UINT_MAX / sub_packet_h){
> - av_log(s, AV_LOG_ERROR, "ast->audio_framesize * sub_packet_h too large\n");
> + if (ast->audio_framesize <= 0 || sub_packet_h <= 0 ||
> + ast->audio_framesize >= UINT_MAX / sub_packet_h){
> + av_log(s, AV_LOG_ERROR, "ast->audio_framesize * sub_packet_h is invalid\n");
> return -1;
> }
>
> @@ -252,8 +253,9 @@ static int rm_read_audio_stream_info(AVFormatContext *s, AVIOContext *pb,
> if ((ret = rm_read_extradata(pb, st->codec, codecdata_length)) < 0)
> return ret;
>
> - if(ast->audio_framesize >= UINT_MAX / sub_packet_h){
> - av_log(s, AV_LOG_ERROR, "rm->audio_framesize * sub_packet_h too large\n");
> + if (ast->audio_framesize <= 0 || sub_packet_h <= 0 ||
> + ast->audio_framesize >= UINT_MAX / sub_packet_h){
> + av_log(s, AV_LOG_ERROR, "rm->audio_framesize * sub_packet_h is invalid\n");
> return -1;
> }
Withdrawn, I will merge it with:
- "Reject invalid deinterleaving parameters in the RM demuxer."
- "Prevent the RM demuxer from returning uninitialized AVPacket in case of corrupted streams."
it will be simpler/more logical.
--
fenrir
More information about the ffmpeg-devel
mailing list