vlc/vlc-3.0 | branch: master | Hugo Beauzée-Luyssen <[email protected]> | Wed Jul 31 16:28:49 2019 +0200| [9df056b6d6acf78acd36ea699b4e0588988a8f66] | committer: Hugo Beauzée-Luyssen
caf: Reject samples without samplerate Since the spec mandates it CVE-2019-14498 (cherry picked from commit 56b21668e8d9384386cb037f3eb0b13dd6dae5b5) Signed-off-by: Hugo Beauzée-Luyssen <[email protected]> > http://git.videolan.org/gitweb.cgi/vlc/vlc-3.0.git/?a=commit;h=9df056b6d6acf78acd36ea699b4e0588988a8f66 --- modules/demux/caf.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/modules/demux/caf.c b/modules/demux/caf.c index f1e6724c3c..fb75f67e61 100644 --- a/modules/demux/caf.c +++ b/modules/demux/caf.c @@ -506,6 +506,11 @@ static int ReadDescChunk( demux_t *p_demux ) return VLC_EGENERIC; p_sys->fmt.audio.i_rate = (unsigned int)lround( d_rate ); + if( !p_sys->fmt.audio.i_rate ) + { + msg_Err( p_demux, "Sample rate must be non-zero" ); + return VLC_EGENERIC; + } p_sys->fmt.audio.i_channels = i_channels_per_frame; p_sys->fmt.audio.i_bytes_per_frame = i_bytes_per_packet; /* "mBytesPerPacket" in Apple parlance */ p_sys->fmt.audio.i_frame_length = i_frames_per_packet; /* "mFramesPerPacket" in Apple parlance */ @@ -885,7 +890,7 @@ static int Open( vlc_object_t *p_this ) i_idx++; } - if ( !p_sys->i_data_offset || p_sys->fmt.i_cat != AUDIO_ES || + if ( !p_sys->i_data_offset || p_sys->fmt.i_cat != AUDIO_ES || !p_sys->fmt.audio.i_rate || ( NeedsPacketTable( p_sys ) && !p_sys->packet_table.i_descriptions_start )) { msg_Err( p_demux, "Did not find all necessary chunks." ); _______________________________________________ vlc-commits mailing list [email protected] https://mailman.videolan.org/listinfo/vlc-commits
