[FFmpeg-devel,5/9] nistspheredec: prevent overflow during block alignment calculation

Submitted by Andreas Cadhalpun on Jan. 29, 2017, 12:07 a.m.

Details

Message ID 67ca927c-9d1a-10b4-f9a0-3d110c9cc00b@googlemail.com
State New

Commit Message

Andreas Cadhalpun Jan. 29, 2017, 12:07 a.m.
On 29.01.2017 00:26, Paul B Mahol wrote:
> On 1/29/17, Andreas Cadhalpun <andreas.cadhalpun@googlemail.com> wrote:
>> On 28.01.2017 12:44, Marton Balint wrote:
>>> If we reduce the number of extra lines (not at any cost), I think that
>>> helps.
>>> There is also a solution which keeps the traditional C syntax, and is easy
>>> to understand even at first glance.
>>>
>>> if (st->codecpar->channels > FF_SANE_NB_CHANNELS)
>>>     return ff_elog(AVERROR(ENOSYS), s, "Too many channels %d > %d\n",
>>> st->codecpar->channels, FF_SANE_NB_CHANNELS);
>>
>> How would you define ff_elog for this to work?
> 
> I'm maintainer of this file, and I'm fed up with this nuisance conversation.
> I'm against log message.

Fair enough, attached is a patch without the log messages in this file.

However, this discussion is also about error logging in general and it
should come to some conclusion that prevents this nuisance from recurring
for future patches.

Best regards,
Andreas

Patch

From 2386e24e38bbf9847870dfec22998e8fa252e359 Mon Sep 17 00:00:00 2001
From: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Date: Thu, 15 Dec 2016 02:14:49 +0100
Subject: [PATCH] nistspheredec: prevent overflow during block alignment
 calculation

Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
---
 libavformat/nistspheredec.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/libavformat/nistspheredec.c b/libavformat/nistspheredec.c
index 782d1dfbfb..588174482c 100644
--- a/libavformat/nistspheredec.c
+++ b/libavformat/nistspheredec.c
@@ -21,6 +21,7 @@ 
 
 #include "libavutil/avstring.h"
 #include "libavutil/intreadwrite.h"
+#include "libavcodec/internal.h"
 #include "avformat.h"
 #include "internal.h"
 #include "pcm.h"
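Review bot: The added `#include "libavcodec/internal.h"` pulls a libavcodec-internal header into a libavformat demuxer, and from the visible lines it is needed only for FF_SANE_NB_CHANNELS. A short comment beside the include naming that symbol would make the cross-library dependency easier to revisit later. The last hunk also uses INT_MAX; if <limits.h> is not already reached through one of the headers listed here, include it explicitly rather than relying on a transitive include.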
@@ -90,6 +91,8 @@  static int nist_read_header(AVFormatContext *s)
             return 0;
         } else if (!memcmp(buffer, "channel_count", 13)) {
             sscanf(buffer, "%*s %*s %"SCNd32, &st->codecpar->channels);
+            if (st->codecpar->channels > FF_SANE_NB_CHANNELS)
+                return AVERROR(ENOSYS);
         } else if (!memcmp(buffer, "sample_byte_format", 18)) {
             sscanf(buffer, "%*s %*s %31s", format);
 
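Review bot: The new check after the channel_count sscanf bounds the value only from above. The field is parsed with %SCNd32, so it is signed, and a zero or negative channel count still passes `st->codecpar->channels > FF_SANE_NB_CHANNELS`. Unless that case is rejected outside the visible lines, consider `if (st->codecpar->channels <= 0 || st->codecpar->channels > FF_SANE_NB_CHANNELS)` so the value that later feeds the block alignment calculation is bounded on both sides.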
@@ -109,6 +112,8 @@  static int nist_read_header(AVFormatContext *s)
             sscanf(buffer, "%*s %*s %"SCNd64, &st->duration);
         } else if (!memcmp(buffer, "sample_n_bytes", 14)) {
             sscanf(buffer, "%*s %*s %"SCNd32, &bps);
+            if (bps > (INT_MAX / FF_SANE_NB_CHANNELS) >> 3)
+                return AVERROR_INVALIDDATA;
         } else if (!memcmp(buffer, "sample_rate", 11)) {
             sscanf(buffer, "%*s %*s %"SCNd32, &st->codecpar->sample_rate);
         } else if (!memcmp(buffer, "sample_sig_bits", 15)) {
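Review bot: The bound `(INT_MAX / FF_SANE_NB_CHANNELS) >> 3` in the sample_n_bytes branch carries no comment saying which later expression it protects; going by the subject line that is the block alignment calculation, which is not part of this hunk. A one-line comment naming that expression and explaining the shift by 3 would let a reader confirm the limit is tight enough. bps is also read as signed %SCNd32 and checked only from above, so a negative value passes this test; a lower bound here would close that case as well.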
-- 
2.11.0