[FFmpeg-devel] [PATCH 3/9] electronicarts: prevent overflow during block alignment calculation

Andreas Cadhalpun andreas.cadhalpun at googlemail.com
Thu Jan 26 03:09:47 EET 2017


On 07.01.2017 09:32, Paul B Mahol wrote:
> On 1/7/17, Michael Niedermayer <michael at niedermayer.cc> wrote:
>> On Fri, Jan 06, 2017 at 08:47:39PM +0100, Andreas Cadhalpun wrote:
>>> Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>
>>> ---
>>>  libavformat/electronicarts.c | 1 +
>>>  1 file changed, 1 insertion(+)
>>>
>>> diff --git a/libavformat/electronicarts.c b/libavformat/electronicarts.c
>>> index 30eb723bd5..03422e5b2c 100644
>>> --- a/libavformat/electronicarts.c
>>> +++ b/libavformat/electronicarts.c
>>> @@ -556,6 +556,7 @@ static int ea_read_header(AVFormatContext *s)
>>>          st->codecpar->codec_tag             = 0;   /* no tag */
>>>          st->codecpar->channels              = ea->num_channels;
>>>          st->codecpar->sample_rate           = ea->sample_rate;
>>> +        FF_RETURN_ON_OVERFLOW(s, ea->bytes > INT_MAX / 8 / 2)
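Review bot: The bound on the added line, `ea->bytes > INT_MAX / 8 / 2`, is built from two bare literals, so a reader cannot tell from this hunk which multiplication it protects or why 8 and 2 are the right factors. A short comment naming the guarded expression would help. If the 2 stands for a channel count, it should use `ea->num_channels` (assigned two lines above) rather than a constant, otherwise the guard rests on an assumption the hunk does not enforce. The check also rejects only values that would overflow: the replies in this thread say the demuxer knows just 1 and 2 bytes per sample, so rejecting anything outside that set here would be a stricter validity check than an arithmetic limit. Minor: the macro call has no trailing semicolon, which is fine only if the macro expands to a complete statement, so it is worth confirming against its definition.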
>>
>> I think we should ask for a sample when the number of bytes per
>> sample is larger than 2 or 4 or whatever max we think occurs.
> 
> No we should not as such samples are invalid.

The code seems to only know about 1 (8-bit) and 2 (16-bit), so
returning an error for larger values makes sense.

Best regards,
Andreas

