[FFmpeg-devel] [PATCH 7/9] epafdec: prevent overflow during block alignment calculation

Andreas Cadhalpun andreas.cadhalpun at googlemail.com
Thu Jan 26 03:13:33 EET 2017


Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>
---
 libavformat/epafdec.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/libavformat/epafdec.c b/libavformat/epafdec.c
index 29190fff72..0cd9627a4b 100644
--- a/libavformat/epafdec.c
+++ b/libavformat/epafdec.c
@@ -20,6 +20,7 @@
  */
 
 #include "libavutil/intreadwrite.h"
+#include "libavcodec/internal.h"
 #include "avformat.h"
 #include "internal.h"
 #include "pcm.h"
@@ -59,7 +60,7 @@ static int epaf_read_header(AVFormatContext *s)
         channels    = avio_rb32(s->pb);
     }
 
-    if (!channels || !sample_rate)
+    if (channels <= 0 || channels > FF_SANE_NB_CHANNELS || sample_rate <= 0)
         return AVERROR_INVALIDDATA;
 
     st = avformat_new_stream(s, NULL);
-- 
2.11.0



More information about the ffmpeg-devel mailing list