[FFmpeg-devel] [libav-devel] [PATCH 2/2] matroskadec: validate audio channels and bitdepth

Andreas Cadhalpun andreas.cadhalpun at googlemail.com
Tue Jun 16 21:55:00 CEST 2015

On 16.06.2015 00:37, Luca Barbato wrote:
> On 16/06/15 00:14, Andreas Cadhalpun wrote:
>>> I wonder if the sanity check in the decoder would be enough to not have
>>> other problems down the line.
>> No, because the problem is in the two lines below the check.
> Not here =)

The avio_wl16 calls are also present in Libav and writing something larger
than 16bit with them is a bug. The av_assert2 in FFmpeg is only a means
to detect such a bug.

>>> I'd provide an explode mode and as best effort mode I'd just mark the
>>> data as corrupted.
>> What do you mean with marking the data as corrupted?
> There is a packet flag, AV_PKT_FLAG_CORRUPT, to mark the data that
> shouldn't be trusted.

This flag is used rather rarely. I'm not convinced that it would be
particularly useful for this corner case.

Best regards,

More information about the ffmpeg-devel mailing list