[FFmpeg-devel] [PATCH 1/1] avformat: mca: relax a condition check to be able to play certain files

[liushuyu at aosc.io]

From: liushuyu <liushuyu at aosc.io>

In certain mca files, the coefficient table is in the data section
instead of the header section. In this case, the coefficient offset
relative to the header ending marker is a negative value thus failing
the original condition check at line 146.

The new check just check if the coefficient offset is within the file
range (since there is no way to know where the actual audio samples are
without the correct header information).
---
 libavformat/mca.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/libavformat/mca.c b/libavformat/mca.c
index 27cfb1c..5bb9a35 100644
--- a/libavformat/mca.c
+++ b/libavformat/mca.c
@@ -48,9 +48,9 @@ static int read_header(AVFormatContext *s)
     int64_t file_size = avio_size(s->pb);
     uint16_t version = 0;
     uint32_t header_size, data_size, data_offset, loop_start, loop_end,
-        nb_samples, nb_metadata, coef_offset = 0;
+        nb_samples, nb_metadata = 0;
     int ch, ret;
-    int64_t ret_size;
+    int64_t ret_size, coef_offset = 0;
 
     st = avformat_new_stream(s, NULL);
     if (!st)
@@ -144,10 +144,10 @@ static int read_header(AVFormatContext *s)
     }
 
     // coefficient alignment = 0x30; metadata size = 0x14
-    if (0x30 * par->channels + nb_metadata * 0x14 > header_size)
-        return AVERROR_INVALIDDATA;
     coef_offset =
-        header_size - 0x30 * par->channels + nb_metadata * 0x14;
+        (int64_t)header_size - 0x30 * par->channels + nb_metadata * 0x14;
+    if (coef_offset < 0 || coef_offset >= file_size)
+        return AVERROR_INVALIDDATA;
 
     st->start_time = 0;
     par->codec_id = AV_CODEC_ID_ADPCM_THP_LE;
-- 
2.28.0