ffmpeg | branch: master | Andreas Cadhalpun <[email protected]> | Sun Oct 23 16:23:55 2016 +0200| [fc022e77eed66ccfd7ac1788ba23f790c6769dee] | committer: Andreas Cadhalpun
mov: validate sample_rate A negative sample rate doesn't make sense and triggers assertions in av_rescale_rnd. fate-aac-al07_96 fails if sample_rate == 0 is rejected in ff_mov_read_stsd_entries. Signed-off-by: Andreas Cadhalpun <[email protected]> > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=fc022e77eed66ccfd7ac1788ba23f790c6769dee --- libavformat/mov.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/libavformat/mov.c b/libavformat/mov.c index 9179b58..b6c8c29 100644 --- a/libavformat/mov.c +++ b/libavformat/mov.c @@ -888,6 +888,10 @@ static int mov_read_ddts(MOVContext *c, AVIOContext *pb, MOVAtom atom) st = c->fc->streams[c->fc->nb_streams-1]; st->codecpar->sample_rate = get_bits_long(&gb, 32); + if (st->codecpar->sample_rate <= 0) { + av_log(c->fc, AV_LOG_ERROR, "Invalid sample rate %d\n", st->codecpar->sample_rate); + return AVERROR_INVALIDDATA; + } skip_bits_long(&gb, 32); /* max bitrate */ st->codecpar->bit_rate = get_bits_long(&gb, 32); st->codecpar->bits_per_coded_sample = get_bits(&gb, 8); @@ -2273,6 +2277,10 @@ int ff_mov_read_stsd_entries(MOVContext *c, AVIOContext *pb, int entries) } else if (st->codecpar->codec_type==AVMEDIA_TYPE_AUDIO) { st->codecpar->codec_id = id; mov_parse_stsd_audio(c, pb, st, sc); + if (st->codecpar->sample_rate < 0) { + av_log(c->fc, AV_LOG_ERROR, "Invalid sample rate %d\n", st->codecpar->sample_rate); + return AVERROR_INVALIDDATA; + } } else if (st->codecpar->codec_type==AVMEDIA_TYPE_SUBTITLE){ st->codecpar->codec_id = id; mov_parse_stsd_subtitle(c, pb, st, sc, _______________________________________________ ffmpeg-cvslog mailing list [email protected] http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
