[FFmpeg-devel] [PATCH] avcodec/binkaudio: Check sample_rate to avoid integer overflow

Michael Niedermayer michael at niedermayer.cc
Wed Apr 8 00:17:18 EEST 2020


On Sat, Apr 04, 2020 at 11:38:43PM +0200, Michael Niedermayer wrote:
> On Sun, Feb 09, 2020 at 09:28:48PM +0100, Michael Niedermayer wrote:
> > On Sat, Feb 01, 2020 at 11:48:06PM +0100, Michael Niedermayer wrote:
> > > On Sat, Feb 01, 2020 at 04:17:10PM +0100, Paul B Mahol wrote:
> > > > On 2/1/20, Michael Niedermayer <michael at niedermayer.cc> wrote:
> > > > > On Tue, Jan 14, 2020 at 04:04:29PM +0100, Paul B Mahol wrote:
> > > > >> This better belong to generic code.
> > > > >
> > > > > This specific check (which checks for INT_MAX) is specific to our
> > > > > bink audio code which does a +1
> > > > > so it would not fit in generic code
> > > > >
> > > > > We could arbitrarily decide on a maximum sample rate hardcode that
> > > > > and check for that in generic code.
> > > > > I can implement that if people prefer. It would not avoid all
> > > > > sample rate checks in codecs though ...
> > > > 
> > > > sample rate can not be > INT_MAX
> > > 
> > > no and the code also doesnt check > INT_MAX 
> > > I think you maybe missed the = in >=
> > > theres a +1 and INT_MAX+1 is bad so INT_MAX is checked for
> > > we can do that in generic code but its only this decoder that has this
> > > issue other decoders may have other limits. That makes this specific
> > > check threshold bad for a check in generic code. Another threshold
> > > would work in generic code, it would be arbitrary though and limit
> > > most decoders more than needed
> > > Iam happy to implement what people prefer but the check as it is
> > > makes not much sense if its moved as is into generic code
> > 
> > any preferrance on how to solve this ?
> > or you are ok with the patch ?
> 
> ping

paul, are you ok with me applying the patch ? it seems to me that its the
most obvious fix here

thanks

[...]

-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

While the State exists there can be no freedom; when there is freedom there
will be no State. -- Vladimir Lenin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: not available
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20200407/ba83b1cc/attachment.sig>


More information about the ffmpeg-devel mailing list