From patchwork Mon Apr 26 13:01:26 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andreas Rheinhardt X-Patchwork-Id: 27430 Delivered-To: ffmpegpatchwork2@gmail.com Received: by 2002:a6b:6109:0:0:0:0:0 with SMTP id v9csp78880iob; Mon, 26 Apr 2021 06:01:48 -0700 (PDT) X-Google-Smtp-Source: ABdhPJx9eVyaGp+qVERZrs9WMpvxxum4g/OQjBT5EG5xwkxGxZQ9RxzxHBxyrpu1zuUWhKadEEy1 X-Received: by 2002:a05:6402:1a58:: with SMTP id bf24mr5661496edb.231.1619442108365; Mon, 26 Apr 2021 06:01:48 -0700 (PDT) Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id lz16si13881222ejb.276.2021.04.26.06.01.47; Mon, 26 Apr 2021 06:01:48 -0700 (PDT) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@outlook.com header.s=selector1 header.b=A7VQ9dWm; arc=fail (body hash mismatch); spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=outlook.com Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 6F3B568982F; Mon, 26 Apr 2021 16:01:44 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from EUR06-AM7-obe.outbound.protection.outlook.com (mail-am7eur06olkn2019.outbound.protection.outlook.com [40.92.16.19]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id ADC4E680226 for ; Mon, 26 Apr 2021 16:01:37 +0300 (EEST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=PtFJCF3rwt07+TRMUCDJ7tt4zPCXWkFIFRlbEmgCAt87NSGCOrixFuBuUpXTVjLir1RUVXkS5BnLQEZOVAjyZj16TGgGl1b5atEDanGHWGjqo58Qq08H5FFXdFI2LLKx8K9vh9YktLoYmDm581+TvrsLzOxqN/OvblYd7dIykSZFHMaTLFYK8Lcr23B08NljklE98R64S3Gd2Po8/prLZcWlXhRgyPOB5dCriwgy2zy0hIeD346IRw3OTFVujS7qiL6DrSAcOdLNZYPuQQUkjOwN3S8RGpn1zRQ2QtrEqUxWvuYP++heZ7q5cS4EIpwZqVsuU63num5cAjhVbjENxQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=TuORMIdzwX1M9p4SR5YoJ+Dy09Ka2x+EVjxqIpDK4Hk=; b=acaJEKX3swQJv+/K7xzCVrWfcn1zfUfQly1hcgbtjgBqyi49DN56uhkaDYF0w8NzxBm0PPm258MLVY/Re3cdmmcRxmQvpZcGtNjGQ1hG5WxGJrH4L7Ve81IBIT+taGzcl+68KgBfHDP7WBSZEbTVmZhUEwIHqKmgjvvLM89Z0kU5L4N8sRBnOeh6uB5Ls8U3ETTYlMDgyvfZ8l5E21YJJtZsSuWub8OEaQkYk2CexjfL6iU48qg7y8wx5zfwP9DidH7gHqjGVY1hyJ3iahj9utx+eRPbiIko9mSgwPKM5kYjweOHUj4uo2PykqeGqyeW087KgGX9CR+yR/sVAmjJkw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=TuORMIdzwX1M9p4SR5YoJ+Dy09Ka2x+EVjxqIpDK4Hk=; b=A7VQ9dWmxxapZGJN2QplyMMG/tnqp/JoD1FoFmzi3KaREldKSDnYVBySIzOKv30Adq569xivtzbS5Ivgz3rzsUpZGq/7DJ7aQ51YatCrr8+L8rSWD7kC5P348868KepP2Kc70GBvOzXwqF9ThWSAqzYYwPxOHJYsnw+e7OC6QqqXuQ6lH9hzl+U1wNwTjY9FdVtS7+f3Fss8xIi1pv9tVQj7+imx49JIzRKlhqYc2WvxrsvTjVN3DB9yUQOR8HaMY8+bOYqoHi/dmxalpju9G8bJuJoXqn2IIHLEFbblNHTL3gykCFYnOkZrhM7VZSFkU1VE6jARuhY3t/+JDCBQiw== Received: from AM7EUR06FT003.eop-eur06.prod.protection.outlook.com (2a01:111:e400:fc36::51) by AM7EUR06HT010.eop-eur06.prod.protection.outlook.com (2a01:111:e400:fc36::349) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4065.21; Mon, 26 Apr 2021 13:01:36 +0000 Received: from HE1PR0301MB2154.eurprd03.prod.outlook.com (2a01:111:e400:fc36::51) by AM7EUR06FT003.mail.protection.outlook.com (2a01:111:e400:fc36::244) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4065.21 via Frontend Transport; Mon, 26 Apr 2021 13:01:36 +0000 X-IncomingTopHeaderMarker: OriginalChecksum:8D84111C08BAC9008E42539E079517CB942F1B2C7C0EED4841CE52BA54C9B404; UpperCasedChecksum:4115B6E01667D11F0A07C4EEE42D0F80F1F9505C0C96C76D1E39C71498D6E86A; SizeAsReceived:7403; Count:46 Received: from HE1PR0301MB2154.eurprd03.prod.outlook.com ([fe80::45bb:c44f:2b75:23b7]) by HE1PR0301MB2154.eurprd03.prod.outlook.com ([fe80::45bb:c44f:2b75:23b7%5]) with mapi id 15.20.4065.026; Mon, 26 Apr 2021 13:01:36 +0000 From: Andreas Rheinhardt To: ffmpeg-devel@ffmpeg.org Date: Mon, 26 Apr 2021 15:01:26 +0200 Message-ID: X-Mailer: git-send-email 2.27.0 X-TMN: [kISIjSPDz+t5udftPBurRnVDpjr9Cl0Z] X-ClientProxiedBy: ZR0P278CA0086.CHEP278.PROD.OUTLOOK.COM (2603:10a6:910:22::19) To HE1PR0301MB2154.eurprd03.prod.outlook.com (2603:10a6:3:2a::22) X-Microsoft-Original-Message-ID: <20210426130128.274867-1-andreas.rheinhardt@outlook.com> MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sblaptop.fritz.box (188.193.248.86) by ZR0P278CA0086.CHEP278.PROD.OUTLOOK.COM (2603:10a6:910:22::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4065.22 via Frontend Transport; Mon, 26 Apr 2021 13:01:35 +0000 X-MS-PublicTrafficType: Email X-IncomingHeaderCount: 46 X-EOPAttributedMessage: 0 X-MS-Office365-Filtering-Correlation-Id: dee42296-fa18-4625-e953-08d908b36c58 X-MS-Exchange-SLBlob-MailProps: gjx25WM8ZNUZz984a26XPHNORr4/6vxhZNW7PF9aDpIS6+L54AzcKatrIDieQmZOVWEaljrjeW2cqXGTtJAVVbnQuWEuHdssoij3QzeUHsSmHjKcMxaFocOJ7dyuNGwvtPkT4ta12OjRHTODQD/pntS5YfO+vHEAj08YcskZ0uYxiMglUstcSLU4b0JhIEeICa2tk0uroCa3dfTi38RRKewqJ4q2mEx1lIEhlIoGbXIP2QF9vhxBfgwEaByERajpeP4m/YkptHt4Hk200W//wOM5/6scNxUx7fiAO84qcJ9VYrUOqPgd81UA8KePyr0Bg16lV9+cK0uOknA0kw6mNfe4iktYNNubz/NtbPTjZ0/x8jrdWMVDEnbmCl+pcK2bKR2FhF14f/54WA0gaimc3e6O1OpLDU11V27oK6aLQz8nk9O/nRMiaymQfGU+5FeZ7PFIrSsG9zOUudMYSdNOmKy4FtFtrawPNzJ2hu2cgKPP7Ifi/HtV7rAtvh+ZGTMmo71sHrL+y+SYOampvDfeeBm86jyywWMAA0+jZ82MX/N7O6ZOi02FAdtH2HRVYacxxcUCRPlttUrH8Gp3I0aKLvgC3yuEL0RgIvTh3wuIkKh0DK7D0iMeJqbDppcWPuMtjillm8U6jAAjeluWzbzfSxourRELAMMfijQunugYh3k9skgU9kVoLGOxLp6/81Y6xEyuK1qqIZFCSMPuO+19gm6N4+fS/gx7H/UUdgza/iQ= X-MS-TrafficTypeDiagnostic: AM7EUR06HT010: X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: izw2iSNbq7avjUIFV4yCRMtmWVKgVyyGVzr0pWunaAqXBAVNjJiH+A5mdCj7QntnTu0pyVvZfjwTrD8rRFawJc4CX17AD1EKHo1vqeYKpK+7L/3y3zZxMOLXrB4iavZI/gbav85NoRaCXtwK+Q4D21QsRXSyKqqOZfouTpLYi80ge052912C39zcugq0Vnl8QLWTv1YIUTmnRJ7Q7KnhKc2P9z8uw7oQqght963J/64qnsOdDkrj5n/jN2qRgbnSpki6W2JUyv3esBrZydZ1bvvCaJTuSUIurLXAuQBpgG8c78b/+1pgDFiQ+3bb9XyYiVDL/FkPnOL0LfH90SmtAGeWRBTthe0MDG/t1oVHOa7ndHX5q3Kmso/eqBwpXuTrDp+Cl6doCky/Kste7LWBpQ== X-MS-Exchange-AntiSpam-MessageData: aYmkTYz4EKZ/vFZ0ezJI+GHgxH+YVhW+YLE5qJFS7P1cQTGUjnWYA2S6dtMYjWVa1FUk3+uKN9IwjtENCpRrpCFpfRKXGBE5MyTg/UrPAeBrwX/0BtWecXeOobhpfLWguq9glF0sbqjej4DYgXunrQ== X-OriginatorOrg: outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: dee42296-fa18-4625-e953-08d908b36c58 X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Apr 2021 13:01:36.4488 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa X-MS-Exchange-CrossTenant-AuthSource: AM7EUR06FT003.eop-eur06.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: Internet X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000 X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM7EUR06HT010 Subject: [FFmpeg-devel] [PATCH 1/2] avformat/westwood_audenc: Check for, not assert on invalid data X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Cc: Andreas Rheinhardt Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" X-TUID: nFnqsaXUMsJA Signed-off-by: Andreas Rheinhardt --- Is pkt->size * 4 actually supposed to be the size of audio after decoding? If so, the factor four would have to be changed to two for files flagged as 8 bit. (The 8/16 bit check seems broken; my actual intention with not unconditionally flagging the file as 16 bit was that remuxing content flagged as 8 bit should work, but it doesn't, because the current check only checks for the codec_id.) libavformat/westwood_audenc.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/libavformat/westwood_audenc.c b/libavformat/westwood_audenc.c index 4ec905b088..490f2ee260 100644 --- a/libavformat/westwood_audenc.c +++ b/libavformat/westwood_audenc.c @@ -103,7 +103,8 @@ static int wsaud_write_packet(AVFormatContext *ctx, AVPacket *pkt) AVIOContext *pb = ctx->pb; AUDMuxContext *a = ctx->priv_data; - av_assert1(pkt->size < UINT16_MAX && (pkt->size * 4) < UINT16_MAX); + if (pkt->size > UINT16_MAX / 4) + return AVERROR_INVALIDDATA; /* Assumes ADPCM since this muxer doesn't support SND1 or PCM format. */ avio_wl16(pb, pkt->size); avio_wl16(pb, pkt->size * 4);