[FFmpeg-devel] [PATCH 6/6] avfilter/af_surround: Check av_channel_layout_channel_from_index() stays within the fixed array used
Michael Niedermayer
michael at niedermayer.cc
Sun Jul 7 21:47:29 EEST 2024
Fixes: CID1516994 Out-of-bounds access
Fixes: CID1516996 Out-of-bounds access
Fixes: CID1516999 Out-of-bounds access
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
---
libavfilter/af_surround.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/libavfilter/af_surround.c b/libavfilter/af_surround.c
index e37dddc3614..fab39a37ea9 100644
--- a/libavfilter/af_surround.c
+++ b/libavfilter/af_surround.c
@@ -269,6 +269,9 @@ static int config_output(AVFilterLink *outlink)
for (int ch = 0; ch < outlink->ch_layout.nb_channels; ch++) {
float iscale = 1.f;
+ const int chan = av_channel_layout_channel_from_index(&s->out_ch_layout, ch);
+ if (chan >= FF_ARRAY_ELEMS(sc_map))
+ return AVERROR_PATCHWELCOME;
ret = av_tx_init(&s->irdft[ch], &s->itx_fn, AV_TX_FLOAT_RDFT,
1, s->win_size, &iscale, 0);
--
2.45.2
More information about the ffmpeg-devel
mailing list