From: Michael Niedermayer <michael@niedermayer.cc>
To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Subject: [FFmpeg-devel] [PATCH 5/5] avcodec/wavarc: Check that nb_samples is not negative
Date: Mon, 7 Aug 2023 02:49:49 +0200
Message-ID: <20230807004949.31634-5-michael@niedermayer.cc> (raw)
In-Reply-To: <20230807004949.31634-1-michael@niedermayer.cc>
It is currently probably not possible for it to be negative as
the needed 2Mb input buf size is not achievable. But it is more
robust to check for it too.
If it would become negative than code like
s->samples[0][n] = s->samples[0][s->nb_samples + n];
would crash
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
libavcodec/wavarc.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/libavcodec/wavarc.c b/libavcodec/wavarc.c
index 0dc5849679..4bdd548d5f 100644
--- a/libavcodec/wavarc.c
+++ b/libavcodec/wavarc.c
@@ -311,7 +311,7 @@ static int decode_2slp(AVCodecContext *avctx,
return AVERROR_EOF;
case 8:
s->nb_samples = get_urice(gb, 8);
- if (s->nb_samples > 570) {
+ if (s->nb_samples > 570U) {
s->nb_samples = 570;
return AVERROR_INVALIDDATA;
}
@@ -587,7 +587,7 @@ static int decode_5elp(AVCodecContext *avctx,
return AVERROR_EOF;
case 11:
s->nb_samples = get_urice(gb, 8);
- if (s->nb_samples > 570) {
+ if (s->nb_samples > 570U) {
s->nb_samples = 570;
return AVERROR_INVALIDDATA;
}
--
2.17.1
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
prev parent reply other threads:[~2023-08-07 0:50 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-08-07 0:49 [FFmpeg-devel] [PATCH 1/5] avcodec/mv30: Allocate frame later Michael Niedermayer
2023-08-07 0:49 ` [FFmpeg-devel] [PATCH 2/5] avcodec/mv30: Check the input length before allocation Michael Niedermayer
2023-08-07 8:22 ` Paul B Mahol
2023-09-22 19:27 ` Michael Niedermayer
2023-09-22 19:31 ` Paul B Mahol
2023-09-22 21:34 ` Michael Niedermayer
2023-09-22 21:57 ` Paul B Mahol
2023-08-07 0:49 ` [FFmpeg-devel] [PATCH 3/5] avcodec/xvididct: Fix integer overflow in idct_row() Michael Niedermayer
2023-08-23 20:42 ` Michael Niedermayer
2023-08-07 0:49 ` [FFmpeg-devel] [PATCH 4/5] avcodec/wavarc: Check shift Michael Niedermayer
2023-08-07 0:49 ` Michael Niedermayer [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230807004949.31634-5-michael@niedermayer.cc \
--to=michael@niedermayer.cc \
--cc=ffmpeg-devel@ffmpeg.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Git Inbox Mirror of the ffmpeg-devel mailing list - see https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
This inbox may be cloned and mirrored by anyone:
git clone --mirror https://master.gitmailbox.com/ffmpegdev/0 ffmpegdev/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 ffmpegdev ffmpegdev/ https://master.gitmailbox.com/ffmpegdev \
ffmpegdev@gitmailbox.com
public-inbox-index ffmpegdev
Example config snippet for mirrors.
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git