[FFmpeg-devel] [libav-devel] [PATCH] avformat/adxdec: check avctx->channels for invalid values

Andreas Cadhalpun andreas.cadhalpun at googlemail.com
Thu Feb 26 12:19:49 CET 2015

On 26.02.2015 04:15, Luca Barbato wrote:
> The decoder has this
>      /* channels */
>      avctx->channels = buf[7];
>      if (avctx->channels <= 0 || avctx->channels > 2)
>          return AVERROR_INVALIDDATA;
> So by the time you get there the channels are already validated.
> the extradata is validated on container and codec level so it should be fine.

This validation just makes sure that the codec can't be opened. But then 
avformat_find_stream_info continues with reading a frame from the demuxer, 
leading to the segfault if avctx->channels is 0.

Best regards,

More information about the ffmpeg-devel mailing list