[FFmpeg-devel] [PATCH] avcodec/mlpdec: filter invalid block size

Carl Eugen Hoyos ceffmpeg at gmail.com
Tue Jan 21 03:22:28 EET 2020


Am Do., 9. Jan. 2020 um 04:54 Uhr schrieb Xingwen.Fang <showvin at qq.com>:
>
> From: Xingwen Fang <fxw at rock-chips.com>
>
> When the block size is illegal, we don't need to read the
> block data. Otherwise, there will be abnormal memory access
> in dsp.mlp_filter_channel.
>
> Signed-off-by: Xingwen Fang <fxw at rock-chips.com>
> ---
>  libavcodec/mlpdec.c | 5 +++++
>  1 file changed, 5 insertions(+)
>
> diff --git a/libavcodec/mlpdec.c b/libavcodec/mlpdec.c
> index 39c4091..198d3c0 100644
> --- a/libavcodec/mlpdec.c
> +++ b/libavcodec/mlpdec.c
> @@ -1263,6 +1263,11 @@ static int read_access_unit(AVCodecContext *avctx, void* data,
>              if (!s->restart_seen)
>                  goto next_substr;
>
> +            if (s->blocksize < 8) {
> +                av_log(m->avctx, AV_LOG_ERROR, "Block size is too small.\n");
> +                goto next_substr;
> +            }

Can you provide a sample file that shows the invalid memory access?

Carl Eugen


More information about the ffmpeg-devel mailing list