From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by master.gitmailbox.com (Postfix) with ESMTP id 9AE2D49C46 for ; Thu, 4 Apr 2024 16:29:47 +0000 (UTC) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 9643868D0B7; Thu, 4 Apr 2024 19:29:44 +0300 (EEST) Received: from mail-pj1-f45.google.com (mail-pj1-f45.google.com [209.85.216.45]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id C9F0868C917 for ; Thu, 4 Apr 2024 19:29:37 +0300 (EEST) Received: by mail-pj1-f45.google.com with SMTP id 98e67ed59e1d1-29b7164eef6so914752a91.2 for ; Thu, 04 Apr 2024 09:29:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1712248175; x=1712852975; darn=ffmpeg.org; h=content-transfer-encoding:mime-version:message-id:date:subject:to :from:from:to:cc:subject:date:message-id:reply-to; bh=+C1jnI30PqGqCDsyznPat++Ox75/+dFuhpWQHBUxCAc=; b=GwqQiKuIcWXJ8PSCohWQaVkZ3boZzsZgza60NKQa5H5VSS1/2Xx2sWOoBUTtVUoKMa zOjwZgdMxF8WSE2XFQfDqWG3NXhJhK12J77w40RRR5tyzGEyP7y6P+Nm2rhTKEh1Y/RO bBvNroYVqC/NO47PGdkJ9iIEYQJpp955l0DaWjnCKphfnd8HkejTMJcad380ccB73rcl wjgDJ708cXsIhBn/jH2mYRSSbOOoSw4DGZhjU3TO5ZdNiQmVYrB5qWVO4kxwVfLyi28y RBqsjIHsvRaj8acW5M9rr7DjKXITD8mBof1+csMhzOv4XKvX5NRCaC1om0YyZdRHtFjd KkqQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712248175; x=1712852975; h=content-transfer-encoding:mime-version:message-id:date:subject:to :from:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=+C1jnI30PqGqCDsyznPat++Ox75/+dFuhpWQHBUxCAc=; b=Wuk+UsdIHJYQm05Oi8GOrAotq/IMJfNtjB5Vvs5ZCS7fJLRIafKIQd+SUTW/4thpEW SRnlreKW2K735QmODLRqYnSBUd62xdWoVAMKUO5pkuhTD8jMRwvRhTN9BkDLtw6YhFSI yjiP5VmGLAIkU/VFeJdxhFEfPhJbgN5HiEJXekEVyG+I1JqXVVo+pHKSLeF7W2t/RdZM o/GFE8+QK7yM2K/aNEHIW6tWcGN/7S2DFo0OIONKhg9gKpmShFZhbUCdNXPH5zUjZJZr cSW9pEc9yl1JdJjefxdN6gsuloQn1+mlLIPaVW2uniNANB3dE0PfdZW1a+5HGCWmWZS0 GylA== X-Gm-Message-State: AOJu0YweWJlbaNncjRWt2Vk1vj+dohjLiCuPHw/1Cwra4oCjjYljbGwW rxJhf7F/LSKssXoWEjW75EjbN4QKaetaPxxhwAU07Vb/Nk0akKZ9F67YgnW4 X-Google-Smtp-Source: AGHT+IG2uuyV1KRNvnvZE2ihqilGBgbY2yNjbndlG3dBCReXXq3pKaWKel4AL4mwUDl1g9SHWMatvg== X-Received: by 2002:a17:90b:4b4d:b0:2a2:53a5:7559 with SMTP id mi13-20020a17090b4b4d00b002a253a57559mr3127392pjb.38.1712248175088; Thu, 04 Apr 2024 09:29:35 -0700 (PDT) Received: from localhost.localdomain ([190.194.167.233]) by smtp.gmail.com with ESMTPSA id jx15-20020a17090b46cf00b002a2546fd6eesm1741104pjb.6.2024.04.04.09.29.33 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 04 Apr 2024 09:29:34 -0700 (PDT) From: James Almer To: ffmpeg-devel@ffmpeg.org Date: Thu, 4 Apr 2024 13:29:35 -0300 Message-ID: <20240404162936.4581-1-jamrial@gmail.com> X-Mailer: git-send-email 2.44.0 MIME-Version: 1.0 Subject: [FFmpeg-devel] [PATCH 1/2] avcodec/liblc3dec: sanitize channel count in avctx X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" Archived-At: List-Archive: List-Post: Should prevent out of array accesses. Signed-off-by: James Almer --- libavcodec/liblc3dec.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/libavcodec/liblc3dec.c b/libavcodec/liblc3dec.c index c0a31bc91f..52364859d4 100644 --- a/libavcodec/liblc3dec.c +++ b/libavcodec/liblc3dec.c @@ -46,6 +46,8 @@ static av_cold int liblc3_decode_init(AVCodecContext *avctx) if (avctx->extradata_size < 10) return AVERROR_INVALIDDATA; + if (channels < 0 || channels > DECODER_MAX_CHANNELS) + return AVERROR_INVALIDDATA; liblc3->frame_us = AV_RL16(avctx->extradata + 0) * 10; liblc3->srate_hz = avctx->sample_rate; -- 2.44.0 _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".