[FFmpeg-cvslog] r19975 - trunk/libavcodec/vorbis_dec.c
michael
subversion
Wed Sep 23 09:46:52 CEST 2009
Author: michael
Date: Wed Sep 23 09:46:51 2009
New Revision: 19975
Log:
Check validity of channels & samplerate.
This may be security relevant.
Based on 2 patches by chrome.
Modified:
trunk/libavcodec/vorbis_dec.c
Modified: trunk/libavcodec/vorbis_dec.c
==============================================================================
--- trunk/libavcodec/vorbis_dec.c Wed Sep 23 07:38:12 2009 (r19974)
+++ trunk/libavcodec/vorbis_dec.c Wed Sep 23 09:46:51 2009 (r19975)
@@ -848,8 +848,16 @@ static int vorbis_parse_id_hdr(vorbis_co
}
vc->version=get_bits_long(gb, 32); //FIXME check 0
- vc->audio_channels=get_bits(gb, 8); //FIXME check >0
- vc->audio_samplerate=get_bits_long(gb, 32); //FIXME check >0
+ vc->audio_channels=get_bits(gb, 8);
+ if(vc->audio_channels <= 0){
+ av_log(vc->avccontext, AV_LOG_ERROR, "Invalid number of channels\n");
+ return -1;
+ }
+ vc->audio_samplerate=get_bits_long(gb, 32);
+ if(vc->audio_samplerate <= 0){
+ av_log(vc->avccontext, AV_LOG_ERROR, "Invalid samplerate\n");
+ return -1;
+ }
vc->bitrate_maximum=get_bits_long(gb, 32);
vc->bitrate_nominal=get_bits_long(gb, 32);
vc->bitrate_minimum=get_bits_long(gb, 32);
More information about the ffmpeg-cvslog
mailing list