From patchwork Sun Jan 29 00:07:42 2017
X-Patchwork-Submitter: Andreas Cadhalpun
X-Patchwork-Id: 2354
From: Andreas Cadhalpun
To: ffmpeg-devel@ffmpeg.org
Message-ID: <67ca927c-9d1a-10b4-f9a0-3d110c9cc00b@googlemail.com>
Date: Sun, 29 Jan 2017 01:07:42 +0100
Subject: Re: [FFmpeg-devel] [PATCH 5/9] nistspheredec: prevent overflow during block alignment calculation

On 29.01.2017 00:26, Paul B Mahol wrote:
> On 1/29/17, Andreas Cadhalpun wrote:
>> On 28.01.2017 12:44, Marton Balint wrote:
>>> If we reduce the number of extra lines (not at any cost), I think that
>>> helps.
>>> There is also a solution which keeps the traditional C syntax, and is easy
>>> to understand even at first glance.
>>>
>>> if (st->codecpar->channels > FF_SANE_NB_CHANNELS)
>>>     return ff_elog(AVERROR(ENOSYS), s, "Too many channels %d > %d\n",
>>>                    st->codecpar->channels, FF_SANE_NB_CHANNELS);
>>
>> How would you define ff_elog for this to work?
>
> I'm maintainer of this file, and I'm fed up with this nuisance conversation.
> I'm against log message.

Fair enough, attached is a patch without the log messages in this file.
However, this discussion is also about error logging in general and it should
come to some conclusion that prevents this nuisance from recurring for future
patches.

Best regards,
Andreas

From 2386e24e38bbf9847870dfec22998e8fa252e359 Mon Sep 17 00:00:00 2001
From: Andreas Cadhalpun Date: Thu, 15 Dec 2016 02:14:49 +0100 Subject: [PATCH] nistspheredec: prevent overflow during block alignment calculation Signed-off-by: Andreas Cadhalpun --- libavformat/nistspheredec.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/libavformat/nistspheredec.c b/libavformat/nistspheredec.c index 782d1dfbfb..588174482c 100644 --- a/libavformat/nistspheredec.c +++ b/libavformat/nistspheredec.c @@ -21,6 +21,7 @@ #include "libavutil/avstring.h" #include "libavutil/intreadwrite.h" +#include "libavcodec/internal.h" #include "avformat.h" #include "internal.h" #include "pcm.h" @@ -90,6 +91,8 @@ static int nist_read_header(AVFormatContext *s) return 0; } else if (!memcmp(buffer, "channel_count", 13)) { sscanf(buffer, "%*s %*s %"SCNd32, &st->codecpar->channels); + if (st->codecpar->channels > FF_SANE_NB_CHANNELS) + return AVERROR(ENOSYS); } else if (!memcmp(buffer, "sample_byte_format", 18)) { sscanf(buffer, "%*s %*s %31s", format); @@ -109,6 +112,8 @@ static int nist_read_header(AVFormatContext *s) sscanf(buffer, "%*s %*s %"SCNd64, &st->duration); } else if (!memcmp(buffer, "sample_n_bytes", 14)) { sscanf(buffer, "%*s %*s %"SCNd32, &bps); + if (bps > (INT_MAX / FF_SANE_NB_CHANNELS) >> 3) + return AVERROR_INVALIDDATA; } else if (!memcmp(buffer, "sample_rate", 11)) { sscanf(buffer, "%*s %*s %"SCNd32, &st->codecpar->sample_rate); } else if (!memcmp(buffer, "sample_sig_bits", 15)) { -- 2.11.0
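
Review bot: The new #include "libavcodec/internal.h" in the first hunk makes this libavformat demuxer depend on a libavcodec-internal header, apparently only for the FF_SANE_NB_CHANNELS macro used by the two checks added further down. A short comment beside the include naming that macro would make the reason for the cross-library dependency explicit and easier to remove later if the constant moves.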
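
Review bot: In the channel_count branch of nist_read_header the added test bounds the value only from above, while the preceding sscanf reads it with SCNd32 as a signed integer, so a negative channel_count in the header is not rejected here. Consider also testing the lower bound in the same condition, for example st->codecpar->channels < 0 || st->codecpar->channels > FF_SANE_NB_CHANNELS. The sscanf return value is also unchecked, so a line with no parsable number leaves whatever value was there before and the new check then runs on that stale value.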
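
Review bot: In the sample_n_bytes branch the check is upper-bound only: bps is parsed with SCNd32 as a signed value, so a negative sample_n_bytes passes "bps > (INT_MAX / FF_SANE_NB_CHANNELS) >> 3" and is not rejected at this point. A lower-bound test in the same condition would close that. The limit itself would benefit from a one-line comment saying which product it protects and why the extra >> 3 is there, since the commit subject mentions only the block alignment calculation, and from parentheses around the shifted term so readers need not recall that >> binds tighter than >. This branch returns AVERROR_INVALIDDATA while the channel check returns AVERROR(ENOSYS); if the difference is intentional, a sentence in the commit message would help.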