[FFmpeg-devel] [PATCH 5/6] nistspheredec: prevent overflow during block alignment, calculation

Andreas Cadhalpun andreas.cadhalpun at googlemail.com
Thu Dec 15 03:19:35 EET 2016


Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>
---
 libavformat/nistspheredec.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/libavformat/nistspheredec.c b/libavformat/nistspheredec.c
index 782d1df..9472e47 100644
--- a/libavformat/nistspheredec.c
+++ b/libavformat/nistspheredec.c
@@ -80,6 +80,11 @@ static int nist_read_header(AVFormatContext *s)
 
             avpriv_set_pts_info(st, 64, 1, st->codecpar->sample_rate);
 
+            if (st->codecpar->channels && st->codecpar->bits_per_coded_sample > INT_MAX / st->codecpar->channels) {
+                av_log(s, AV_LOG_ERROR, "Overflow during block alignment calculation %d * %d\n",
+                       st->codecpar->bits_per_coded_sample, st->codecpar->channels);
+                return AVERROR_INVALIDDATA;
+            }
             st->codecpar->block_align = st->codecpar->bits_per_coded_sample * st->codecpar->channels / 8;
 
             if (avio_tell(s->pb) > header_size)
-- 
2.10.2



More information about the ffmpeg-devel mailing list