| Message ID | 6ec980ab-b470-ee09-d87f-cf3949e18af4@googlemail.com |
|---|---|
| State | Superseded |
| Headers | show |
Hi, On Fri, Jan 6, 2017 at 2:48 PM, Andreas Cadhalpun < andreas.cadhalpun@googlemail.com> wrote: > Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com> > --- > libavformat/nistspheredec.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/libavformat/nistspheredec.c b/libavformat/nistspheredec.c > index 782d1dfbfb..9023ed7fc7 100644 > --- a/libavformat/nistspheredec.c > +++ b/libavformat/nistspheredec.c > @@ -80,6 +80,7 @@ static int nist_read_header(AVFormatContext *s) > > avpriv_set_pts_info(st, 64, 1, st->codecpar->sample_rate); > > + FF_RETURN_ON_OVERFLOW(s, st->codecpar->channels && > st->codecpar->bits_per_coded_sample > INT_MAX / st->codecpar->channels) Same comment as the other one, the channels == 0 isn't a valid case that we want to special case, probably check that it's not zero separately. Ronald
On 06.01.2017 22:30, Ronald S. Bultje wrote: > On Fri, Jan 6, 2017 at 2:48 PM, Andreas Cadhalpun < > andreas.cadhalpun@googlemail.com> wrote: > >> Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com> >> --- >> libavformat/nistspheredec.c | 1 + >> 1 file changed, 1 insertion(+) >> >> diff --git a/libavformat/nistspheredec.c b/libavformat/nistspheredec.c >> index 782d1dfbfb..9023ed7fc7 100644 >> --- a/libavformat/nistspheredec.c >> +++ b/libavformat/nistspheredec.c >> @@ -80,6 +80,7 @@ static int nist_read_header(AVFormatContext *s) >> >> avpriv_set_pts_info(st, 64, 1, st->codecpar->sample_rate); >> >> + FF_RETURN_ON_OVERFLOW(s, st->codecpar->channels && >> st->codecpar->bits_per_coded_sample > INT_MAX / st->codecpar->channels) > > > Same comment as the other one, the channels == 0 isn't a valid case that we > want to special case, probably check that it's not zero separately. Here I disagree: This is only the demuxer, that doesn't need to know the number of channels, which can be set later by the decoder. (For example the shorten decoder does this.) Thus I think this check here is really needed. Best regards, Andreas
Hi, On Fri, Jan 6, 2017 at 5:30 PM, Andreas Cadhalpun < andreas.cadhalpun@googlemail.com> wrote: > On 06.01.2017 22:30, Ronald S. Bultje wrote: > > On Fri, Jan 6, 2017 at 2:48 PM, Andreas Cadhalpun < > > andreas.cadhalpun@googlemail.com> wrote: > > > >> Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com> > >> --- > >> libavformat/nistspheredec.c | 1 + > >> 1 file changed, 1 insertion(+) > >> > >> diff --git a/libavformat/nistspheredec.c b/libavformat/nistspheredec.c > >> index 782d1dfbfb..9023ed7fc7 100644 > >> --- a/libavformat/nistspheredec.c > >> +++ b/libavformat/nistspheredec.c > >> @@ -80,6 +80,7 @@ static int nist_read_header(AVFormatContext *s) > >> > >> avpriv_set_pts_info(st, 64, 1, st->codecpar->sample_rate); > >> > >> + FF_RETURN_ON_OVERFLOW(s, st->codecpar->channels && > >> st->codecpar->bits_per_coded_sample > INT_MAX / st->codecpar->channels) > > > > > > Same comment as the other one, the channels == 0 isn't a valid case that > we > > want to special case, probably check that it's not zero separately. > > Here I disagree: This is only the demuxer, that doesn't need to know > the number of channels, which can be set later by the decoder. > (For example the shorten decoder does this.) Hm ... I don't like how we're adding special-case code for hypothetical cases that can only come from entirely broken muxers or fuzzers. I'll leave it to others to break the tie. Ronald
diff --git a/libavformat/nistspheredec.c b/libavformat/nistspheredec.c index 782d1dfbfb..9023ed7fc7 100644 --- a/libavformat/nistspheredec.c +++ b/libavformat/nistspheredec.c @@ -80,6 +80,7 @@ static int nist_read_header(AVFormatContext *s) avpriv_set_pts_info(st, 64, 1, st->codecpar->sample_rate); + FF_RETURN_ON_OVERFLOW(s, st->codecpar->channels && st->codecpar->bits_per_coded_sample > INT_MAX / st->codecpar->channels) st->codecpar->block_align = st->codecpar->bits_per_coded_sample * st->codecpar->channels / 8; if (avio_tell(s->pb) > header_size)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com> --- libavformat/nistspheredec.c | 1 + 1 file changed, 1 insertion(+)