RepoMirrors
/
ffmpeg
mirror of https://git.ffmpeg.org/ffmpeg.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

avformat/oggparseopus: Check that granule pos is within the supported range 

Larger values would imply file durations of astronomic proportions and cause
overflows

Fixes integer overflow
Fixes: usan_int64_overflow

Found-by: Thomas Guilbert <tguilbert@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This commit is contained in:
Michael Niedermayer 2016-05-10 23:12:58 +02:00
parent aeefe018f8
commit 8efaee3710
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
libavformat/oggparseopus.c
View File

@ -117,6 +117,10 @@ static int opus_packet(AVFormatContext *avf, int idx)
if (!os->psize) if (!os->psize)
return AVERROR_INVALIDDATA; return AVERROR_INVALIDDATA;
if (os->granule > INT64_MAX - UINT32_MAX) {
av_log(avf, AV_LOG_ERROR, "Unsupported huge granule pos %"PRId64 "\n", os->granule);
return AVERROR_INVALIDDATA;
}
if ((!os->lastpts || os->lastpts == AV_NOPTS_VALUE) && !(os->flags & OGG_FLAG_EOS)) { if ((!os->lastpts || os->lastpts == AV_NOPTS_VALUE) && !(os->flags & OGG_FLAG_EOS)) {
int seg, d; int seg, d;