RepoMirrors
/
ffmpeg
mirror of https://git.ffmpeg.org/ffmpeg.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

avformat/kvag: Check sample_rate 

Fixes: Division by 0
Fixes: -copyts -start_at_zero -itsoffset 00:00:01 -itsscale 1 -ss 00:00:02  -i zgclab/ffmpeg_crash/poc1 output.mp4

Found-by: Wang Dawei and Zhou Geng, from Zhongguancun Laboratory
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This commit is contained in:
Michael Niedermayer 2024-04-29 23:44:25 +02:00
parent 615c994739
commit c26a762ea1
No known key found for this signature in database
GPG Key ID: B18E8928B3948D64
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
libavformat/kvag.c
View File

@ -38,7 +38,7 @@
typedef struct KVAGHeader { typedef struct KVAGHeader {
uint32_t magic; uint32_t magic;
uint32_t data_size; uint32_t data_size;
uint32_t sample_rate; int sample_rate;
uint16_t stereo; uint16_t stereo;
} KVAGHeader; } KVAGHeader;
@ -70,6 +70,9 @@ static int kvag_read_header(AVFormatContext *s)
hdr.sample_rate = AV_RL32(buf + 8); hdr.sample_rate = AV_RL32(buf + 8);
hdr.stereo = AV_RL16(buf + 12); hdr.stereo = AV_RL16(buf + 12);
if (hdr.sample_rate <= 0)
return AVERROR_INVALIDDATA;
par = st->codecpar; par = st->codecpar;
par->codec_type = AVMEDIA_TYPE_AUDIO; par->codec_type = AVMEDIA_TYPE_AUDIO;
par->codec_id = AV_CODEC_ID_ADPCM_IMA_SSI; par->codec_id = AV_CODEC_ID_ADPCM_IMA_SSI;