| Message ID | f47c9798-1c24-8b11-3842-dbbbde1e120e@googlemail.com |
|---|---|
| State | Accepted |
| Commit | baba9c6aef88727bb0182631dc67744d36cadea4 |
| Headers | show |
On Wed, Dec 14, 2016 at 01:58:17AM +0100, Andreas Cadhalpun wrote: > Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com> > --- > libavformat/cafdec.c | 9 +++++++-- > 1 file changed, 7 insertions(+), 2 deletions(-) probably ok [...]
On 14.12.2016 13:36, Michael Niedermayer wrote: > On Wed, Dec 14, 2016 at 01:58:17AM +0100, Andreas Cadhalpun wrote: >> Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com> >> --- >> libavformat/cafdec.c | 9 +++++++-- >> 1 file changed, 7 insertions(+), 2 deletions(-) > > probably ok Pushed. Best regards, Andreas
diff --git a/libavformat/cafdec.c b/libavformat/cafdec.c index 1c4ca40..0e6179a 100644 --- a/libavformat/cafdec.c +++ b/libavformat/cafdec.c @@ -323,8 +323,13 @@ static int read_header(AVFormatContext *s) if (caf->data_size > 0) st->nb_frames = (caf->data_size / caf->bytes_per_packet) * caf->frames_per_packet; } else if (st->nb_index_entries && st->duration > 0) { - st->codecpar->bit_rate = st->codecpar->sample_rate * caf->data_size * 8 / - st->duration; + if (st->codecpar->sample_rate && caf->data_size / st->duration > INT64_MAX / st->codecpar->sample_rate / 8) { + av_log(s, AV_LOG_ERROR, "Overflow during bit rate calculation %d * 8 * %"PRId64"\n", + st->codecpar->sample_rate, caf->data_size / st->duration); + return AVERROR_INVALIDDATA; + } + st->codecpar->bit_rate = st->codecpar->sample_rate * 8LL * + (caf->data_size / st->duration); } else { av_log(s, AV_LOG_ERROR, "Missing packet table. It is required when " "block size or frame size are variable.\n");
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com> --- libavformat/cafdec.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-)