From patchwork Mon Oct 24 23:50:47 2016
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Andreas Cadhalpun
X-Patchwork-Id: 1165
From: Andreas Cadhalpun X-Google-Original-From: Andreas Cadhalpun To: FFmpeg development discussions and patches Message-ID: Date: Tue, 25 Oct 2016 01:50:47 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Icedove/45.4.0 MIME-Version: 1.0 Subject: [FFmpeg-devel] [PATCH] avcodec: validate codec parameters in avcodec_parameters_to_context X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" This should reduce the impact of a demuxer (or API user) setting bogus codec parameters. Suggested-by: wm4 Signed-off-by: Andreas Cadhalpun --- libavcodec/utils.c | 82 +++++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 81 insertions(+), 1 deletion(-) diff --git a/libavcodec/utils.c b/libavcodec/utils.c index 87de15f..9977ffd 100644 --- a/libavcodec/utils.c +++ b/libavcodec/utils.c @@ -4227,8 +4227,20 @@ int avcodec_parameters_to_context(AVCodecContext *codec, codec->codec_id = par->codec_id; codec->codec_tag = par->codec_tag; + if (par->bit_rate < 0) { + av_log(codec, AV_LOG_ERROR, "Invalid bit rate %"PRId64"\n", par->bit_rate); + return AVERROR(EINVAL); + } codec->bit_rate = par->bit_rate; + if (par->bits_per_coded_sample < 0) { + av_log(codec, AV_LOG_ERROR, "Invalid bits per coded sample %d\n", par->bits_per_coded_sample); + return AVERROR(EINVAL); + } codec->bits_per_coded_sample = par->bits_per_coded_sample; + if (par->bits_per_raw_sample < 0) { + av_log(codec, AV_LOG_ERROR, "Invalid bits per raw sample %d\n", par->bits_per_raw_sample); + return AVERROR(EINVAL); + } codec->bits_per_raw_sample = par->bits_per_raw_sample; codec->profile = par->profile; codec->level = par->level; 
@@ -4236,42 +4248,110 @@ int avcodec_parameters_to_context(AVCodecContext *codec, switch (par->codec_type) { case AVMEDIA_TYPE_VIDEO: codec->pix_fmt = par->format; + if ( (par->width || par->height) && av_image_check_size(par->width, par->height, 0, codec) < 0) + return AVERROR(EINVAL); codec->width = par->width; codec->height = par->height; codec->field_order = par->field_order; + if (par->color_range < 0 || par->color_range > AVCOL_RANGE_NB) { + av_log(codec, AV_LOG_ERROR, "Invalid color range %d\n", par->color_range); + return AVERROR(EINVAL); + } codec->color_range = par->color_range; + if (par->color_primaries < 0 || par->color_primaries > AVCOL_PRI_NB) { + av_log(codec, AV_LOG_ERROR, "Invalid color primaries %d\n", par->color_primaries); + return AVERROR(EINVAL); + } codec->color_primaries = par->color_primaries; + if (par->color_trc < 0 || par->color_trc > AVCOL_TRC_NB) { + av_log(codec, AV_LOG_ERROR, "Invalid color transfer characteristics %d\n", par->color_trc); + return AVERROR(EINVAL); + } codec->color_trc = par->color_trc; + if (par->color_space < 0 || par->color_space > AVCOL_SPC_NB) { + av_log(codec, AV_LOG_ERROR, "Invalid color space %d\n", par->color_space); + return AVERROR(EINVAL); + } codec->colorspace = par->color_space; + if (par->chroma_location < 0 || par->chroma_location > AVCHROMA_LOC_NB) { + av_log(codec, AV_LOG_ERROR, "Invalid chroma location %d\n", par->chroma_location); + return AVERROR(EINVAL); + } codec->chroma_sample_location = par->chroma_location; + if (par->sample_aspect_ratio.num < 0 || par->sample_aspect_ratio.den < 0) { + av_log(codec, AV_LOG_ERROR, "Invalid sample aspect ratio %d/%d\n", + par->sample_aspect_ratio.num, par->sample_aspect_ratio.den); + return AVERROR(EINVAL); + } codec->sample_aspect_ratio = par->sample_aspect_ratio; + if (par->video_delay < 0) { + av_log(codec, AV_LOG_ERROR, "Invalid video delay %d\n", par->video_delay); + return AVERROR(EINVAL); + } codec->has_b_frames = par->video_delay; break; case 
AVMEDIA_TYPE_AUDIO: + if (par->format < -1 || par->format > AV_SAMPLE_FMT_NB) { + av_log(codec, AV_LOG_ERROR, "Invalid sample format %d\n", par->format); + return AVERROR(EINVAL); + } codec->sample_fmt = par->format; codec->channel_layout = par->channel_layout; + if (par->channels < 0) { + av_log(codec, AV_LOG_ERROR, "Invalid number of channels %d\n", par->channels); + return AVERROR(EINVAL); + } codec->channels = par->channels; + if (par->sample_rate < 0) { + av_log(codec, AV_LOG_ERROR, "Invalid sample rate %d\n", par->sample_rate); + return AVERROR(EINVAL); + } codec->sample_rate = par->sample_rate; + if (par->block_align < 0) { + av_log(codec, AV_LOG_ERROR, "Invalid block align %d\n", par->block_align); + return AVERROR(EINVAL); + } codec->block_align = par->block_align; + if (par->frame_size < 0) { + av_log(codec, AV_LOG_ERROR, "Invalid frame size %d\n", par->frame_size); + return AVERROR(EINVAL); + } codec->frame_size = par->frame_size; + if (par->initial_padding < 0) { + av_log(codec, AV_LOG_ERROR, "Invalid initial padding %d\n", par->initial_padding); + return AVERROR(EINVAL); + } codec->delay = codec->initial_padding = par->initial_padding; + if (par->trailing_padding < 0) { + av_log(codec, AV_LOG_ERROR, "Invalid trailing padding %d\n", par->trailing_padding); + return AVERROR(EINVAL); + } codec->trailing_padding = par->trailing_padding; + if (par->seek_preroll < 0) { + av_log(codec, AV_LOG_ERROR, "Invalid seek preroll %d\n", par->seek_preroll); + return AVERROR(EINVAL); + } codec->seek_preroll = par->seek_preroll; break; case AVMEDIA_TYPE_SUBTITLE: + if ((par->width || par->height) && av_image_check_size(par->width, par->height, 0, codec) < 0) + return AVERROR(EINVAL); codec->width = par->width; codec->height = par->height; break; } - if (par->extradata) { + if (par->extradata_size > 0) { av_freep(&codec->extradata); codec->extradata = av_mallocz(par->extradata_size + AV_INPUT_BUFFER_PADDING_SIZE); if (!codec->extradata) return AVERROR(ENOMEM); 
memcpy(codec->extradata, par->extradata, par->extradata_size); codec->extradata_size = par->extradata_size; + } else if (par->extradata_size < 0) { + av_log(codec, AV_LOG_ERROR, "Invalid extradata size %d", par->extradata_size); + return AVERROR(EINVAL); } return 0;
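Review bot: In the @@ -4227,8 hunk, the new early returns for bit_rate, bits_per_coded_sample and bits_per_raw_sample sit after codec->codec_id and codec->codec_tag have already been assigned, so a rejected AVCodecParameters leaves the AVCodecContext partially updated. A caller that ignores or mishandles the AVERROR(EINVAL) then holds a context mixing old and new fields. Consider doing all range checks before the first assignment, for example in a static helper called at the top of avcodec_parameters_to_context, so that a failure leaves codec untouched. These three checks also only bound the values from below; if the intent is to reject bogus demuxer input, an upper bound on the two bits_per_* fields would catch more of it.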
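Review bot: In the @@ -4236,42 hunk, changing the extradata condition from "if (par->extradata)" to "if (par->extradata_size > 0)" means memcpy(codec->extradata, par->extradata, par->extradata_size) now runs with a NULL source when a caller sets a positive size but no buffer. Test both, e.g. "if (par->extradata && par->extradata_size > 0)", and decide explicitly whether a positive size with a NULL pointer is an error. The negative-size branch is only reached after every other field has been copied, and its av_log format string is missing the trailing "\n" that all the other messages have. There is also no upper bound, so par->extradata_size + AV_INPUT_BUFFER_PADDING_SIZE can overflow int for sizes near INT_MAX. Separately, the enum checks in this hunk use "> AVCOL_RANGE_NB", "> AVCOL_PRI_NB", "> AVCOL_TRC_NB", "> AVCOL_SPC_NB", "> AVCHROMA_LOC_NB" and "> AV_SAMPLE_FMT_NB"; the *_NB constants are the element counts, not valid values, so these should be ">=". Finally, the video case copies par->format into codec->pix_fmt without any range check, while the audio case does validate par->format.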