[FFmpeg-devel] [PATCH 1/3] avformat/kvag: Check sample_rate

[Michael Niedermayer]

Fixes: Division by 0
Fixes: -copyts -start_at_zero -itsoffset 00:00:01 -itsscale 1 -ss 00:00:02  -i zgclab/ffmpeg_crash/poc1 output.mp4

Found-by: Wang Dawei and Zhou Geng, from Zhongguancun Laboratory
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
---
 libavformat/kvag.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/libavformat/kvag.c b/libavformat/kvag.c
index 1d0aee09942..b55aa893ec2 100644
--- a/libavformat/kvag.c
+++ b/libavformat/kvag.c
@@ -38,7 +38,7 @@
 typedef struct KVAGHeader {
     uint32_t    magic;
     uint32_t    data_size;
-    uint32_t    sample_rate;
+    int    sample_rate;
     uint16_t    stereo;
 } KVAGHeader;
 
@@ -70,6 +70,9 @@ static int kvag_read_header(AVFormatContext *s)
     hdr.sample_rate             = AV_RL32(buf +  8);
     hdr.stereo                  = AV_RL16(buf + 12);
 
+    if (hdr.sample_rate <= 0)
+        return AVERROR_INVALIDDATA;
+
     par                         = st->codecpar;
     par->codec_type             = AVMEDIA_TYPE_AUDIO;
     par->codec_id               = AV_CODEC_ID_ADPCM_IMA_SSI;
-- 
2.43.2