[FFmpeg-devel] [PATCH] avcodec/s302menc: check if buf_size can actually be put into 16bit size
Paul B Mahol
onemda at gmail.com
Sat Dec 19 21:54:07 CET 2015
This disallows creating unplayable audio.
Signed-off-by: Paul B Mahol <onemda at gmail.com>
---
libavcodec/s302menc.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/libavcodec/s302menc.c b/libavcodec/s302menc.c
index 3706eba..c703e9a 100644
--- a/libavcodec/s302menc.c
+++ b/libavcodec/s302menc.c
@@ -78,6 +78,11 @@ static int s302m_encode2_frame(AVCodecContext *avctx, AVPacket *avpkt,
uint8_t *o;
PutBitContext pb;
+ if (buf_size - AES3_HEADER_LEN > UINT16_MAX) {
+ av_log(avctx, AV_LOG_ERROR, "number of samples in frame too big\n");
+ return AVERROR(EINVAL);
+ }
+
if ((ret = ff_alloc_packet2(avctx, avpkt, buf_size, 0)) < 0)
return ret;
--
1.9.1
More information about the ffmpeg-devel
mailing list