From patchwork Wed Aug 7 13:42:46 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Kacper Michajlow X-Patchwork-Id: 50925 Delivered-To: ffmpegpatchwork2@gmail.com Received: by 2002:a59:d7b2:0:b0:489:2eb3:e4c4 with SMTP id dc18csp414841vqb; Wed, 7 Aug 2024 07:21:08 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCUbwDjzomybOcyz0UzSlj6l5FX3iU/M9ZGJx+Z9/ZQl9O5ZoTBLGN93MwZKA9sN2OZOWEiXVPTKHdacoDQyOHOQMdE3yt5J7y0vpA== X-Google-Smtp-Source: AGHT+IFEojK+ENWbE2w3HWSD7/uFsKClWeSxRe1HG7xXoSZiEN0Mgp78NK3pGFPhbmjjTFjt+xoR X-Received: by 2002:a2e:7303:0:b0:2ef:24e8:fd83 with SMTP id 38308e7fff4ca-2f15aafdcaamr123889991fa.38.1723040468489; Wed, 07 Aug 2024 07:21:08 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1723040468; cv=none; d=google.com; s=arc-20160816; b=W432NSuYBFP+l3swM8CJNZxHIkGxtSzU3YpCmsOX4buPCKwlfeI08tYgsVrTHsR60h H15sWZB7EgcOp/mG0OWzRcz0yWkPipXzivsNgBwhH1dtzcHhPeD0l42RvvSzEWtAuNk4 ErOTPXwCaqCPdRbFLOT3nwYcjgYQA9RO4u1wvaYleT99W79aCGWUNas7vBnsLl0t877J Zi3hkI4BvTHibEWgKzjIl/GXU6pF2t+vFmyumuFRvKnNLkeFyuzM5UncLZF6O4EtNczP Fqhq++q0NfT9JmLOO+PuIJhD50Moj/k9xCKEPlR3FkqDefieK9MGVlY48XOZns0LQSwf HSCQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:cc:reply-to :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:mime-version:message-id:date:to:from :dkim-signature:delivered-to; bh=/s/aAGJHJF3TtVPAxeaG8UBI/Ma51ZP2QDn3lPdXalY=; fh=VehHF75ibtIiOcMFupA+RvAd8F/HWiWMZFlcjyRnn54=; b=FPD89KEhxHeTcML0xNBTyhevUtv17TkNtX7crlc5h2j2W6keSq8zl8XROHcXukhLpE ZUp15VCYRpGHOMAWSIHMTyJMr2K85LJ8hCg/QSHvBs1rzOaOCs7WfYs5RsqYgVLUTwRz dLFfuHQoxeuDvSIA2i6fH5SUlGhG/NKCAzZytOFuNObVjrBqqAhEJl4ch6kcZpJl+rDV wtKw5Fax14FQ5ekgGItdLhLsKxHm8cSV968ReTVWjT6U3kKyEh/5/oTfU8YG0hLfvCtS sFEpaW7VS6o9Bt4B2mvjJJeXdwzevBd9A7rtvSBm6wCjF00FwSt6x7OXvq+X7pxrdUlq 0pbg==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@gmail.com header.s=20230601 header.b=DyYNt+7s; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com; dara=fail header.i=@gmail.com Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id 38308e7fff4ca-2f15e1cb4f2si34391911fa.269.2024.08.07.07.21.08; Wed, 07 Aug 2024 07:21:08 -0700 (PDT) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@gmail.com header.s=20230601 header.b=DyYNt+7s; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com; dara=fail header.i=@gmail.com Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id CB32E68DAD0; Wed, 7 Aug 2024 16:44:05 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from mail-lf1-f49.google.com (mail-lf1-f49.google.com [209.85.167.49]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 4E80768DA59 for ; Wed, 7 Aug 2024 16:43:59 +0300 (EEST) Received: by mail-lf1-f49.google.com with SMTP id 2adb3069b0e04-52efe4c7c16so2741450e87.0 for ; Wed, 07 Aug 2024 06:43:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1723038238; x=1723643038; darn=ffmpeg.org; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=cfmmayI4VaPYPrOk6VbZOB8Ea4z3WdqSmla6OFLqcUU=; b=DyYNt+7s5U8T1S9TRKXXEPfS63K+HVMgMU/epXuBgGkIVAbjT+OuF08h22gwQl/y5a i6SveJ6FPocRsNGxvtZOenO+inG6UHZCzzIjgPOeYIUkDBLGg+0/NIAx/9oiscOYFLiZ law97Z2pQTpanyudV1cEj2qx0vDsSZ7FKF0r/FNoB7OsQn9DoQUJ6ZudpIAWNo3LPWaY 75BVBo7tgL+oTSCS3g2JtsAxjO9sqO6xgIH7WSBNz1u68dCQm09z1tjk5dI6LKWufW57 S9tBDqSkJzkdSxdATtxWNPHeicDCClMA/+uArT2iI+3YkF189weZglPdbJg0wM7NPeh1 fJrg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723038238; x=1723643038; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=cfmmayI4VaPYPrOk6VbZOB8Ea4z3WdqSmla6OFLqcUU=; b=QPBChHVys3hM03iYUkOMfnoPtDYw4+eNBMpvW5YmjowFpwMSKx3o+BcYrPGEuAsfW8 PVnSdQo9EDGPmUWhfQa9GVgf8R71H6hxF0Su6kmHl5TJ37sA31h0/fNv/4E1VVpTWSM9 rbJA/vEj1h9Zrzfb+U0+Td3RL7BnG9y66iqh7somVdNm5o+5wY8UvOo065eyZHRpZwVR 08xhp0CBwx99KYowj1I4lcucfWsV/9vPFiRTamXiUaBVoYQ9hawjZXpyxAOzfl4AfWF5 taUVKjiKC/bYYAWuhBm0EF38xEbNomBLStKCg9DddvXyQBYCZgXANUcCQ54P7WPSZvIk nYqg== X-Gm-Message-State: AOJu0YzfEUipg+E1niPacxORRNYoVgk86P+ek8ZVjkX+Qh+Lq2+sjytz rsG93Hv0dvKo34MKv7b4jEbBx0LmssP5k/P1LPq6MEPpylvmuGZKV8+MLtLP X-Received: by 2002:a05:6512:2241:b0:530:ab76:9a58 with SMTP id 2adb3069b0e04-530bb3e0c29mr10066517e87.61.1723038237640; Wed, 07 Aug 2024 06:43:57 -0700 (PDT) Received: from localhost.localdomain (89-79-4-240.dynamic.chello.pl. [89.79.4.240]) by smtp.gmail.com with ESMTPSA id 2adb3069b0e04-530de483298sm255669e87.294.2024.08.07.06.43.57 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 07 Aug 2024 06:43:57 -0700 (PDT) From: =?utf-8?q?Kacper_Michaj=C5=82ow?= To: ffmpeg-devel@ffmpeg.org Date: Wed, 7 Aug 2024 15:42:46 +0200 Message-ID: <20240807134246.1559-1-kasper93@gmail.com> X-Mailer: git-send-email 2.43.0 MIME-Version: 1.0 Subject: [FFmpeg-devel] [PATCH] avformat/vpk: fix divide by zero X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Cc: =?utf-8?q?Kacper_Michaj=C5=82ow?= Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" X-TUID: A7DCFQpldTFS Can happen after calling avformat_find_stream_info() when the codec fails to open, but return value is 0 and subsequent uses of this context have zero value in channel number. Found by OSS-Fuzz. Signed-off-by: Kacper Michajłow --- libavformat/vpk.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/libavformat/vpk.c b/libavformat/vpk.c index 001ad33555..aa98ef2dd4 100644 --- a/libavformat/vpk.c +++ b/libavformat/vpk.c @@ -86,6 +86,8 @@ static int vpk_read_packet(AVFormatContext *s, AVPacket *pkt) vpk->current_block++; if (vpk->current_block == vpk->block_count) { + if (par->ch_layout.nb_channels <= 0) + return AVERROR_INVALIDDATA; unsigned size = vpk->last_block_size / par->ch_layout.nb_channels; unsigned skip = (par->block_align - vpk->last_block_size) / par->ch_layout.nb_channels; uint64_t pos = avio_tell(s->pb);