[FFmpeg-devel] [libav-devel] [PATCH 2/2] matroskadec: validate audio channels and bitdepth
Andreas Cadhalpun
andreas.cadhalpun at googlemail.com
Tue Jun 16 00:14:09 CEST 2015
On 15.06.2015 21:46, Luca Barbato wrote:
> On 15/06/15 21:17, Andreas Cadhalpun wrote:
>> The values are written with avio_wl16 and if they don't fit into
>> uint16_t, this triggers an av_assert2 in avio_w8.
>
> No does not.
As with the other patch. Feel free to suggest different problem descriptions.
>> Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>
>> ---
>> libavformat/matroskadec.c | 8 ++++++++
>> 1 file changed, 8 insertions(+)
>>
>> diff --git a/libavformat/matroskadec.c b/libavformat/matroskadec.c
>> index 81dd53f..7af03c9 100644
>> --- a/libavformat/matroskadec.c
>> +++ b/libavformat/matroskadec.c
>> @@ -1889,6 +1889,14 @@ static int matroska_parse_tracks(AVFormatContext *s)
>> NULL, NULL, NULL, NULL);
>> avio_write(&b, "TTA1", 4);
>> avio_wl16(&b, 1);
>> + if (track->audio.channels > UINT16_MAX ||
>> + track->audio.bitdepth > UINT16_MAX) {
>> + av_log(matroska->ctx, AV_LOG_ERROR,
>> + "Too large audio channel number %"PRIu64
>> + " or bitdepth %"PRIu64".\n",
>> + track->audio.channels, track->audio.bitdepth);
>> + return AVERROR_INVALIDDATA;
>> + }
>
> I wonder if the sanity check in the decoder would be enough to not have
> other problems down the line.
No, because the problem is in the two lines below the check.
> I'd provide an explode mode and as best effort mode I'd just mark the
> data as corrupted.
What do you mean with marking the data as corrupted?
Best regards,
Andreas
More information about the ffmpeg-devel
mailing list