mirror of
https://github.com/FFmpeg/FFmpeg.git
synced 2024-12-23 12:43:46 +02:00
avformat/redspark: check coef_off
Fixes out of array reads Found-by: Laurent Butti <laurentb@gmail.com> Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
This commit is contained in:
parent
9e477a3770
commit
aadfadd784
@ -108,6 +108,11 @@ static int redspark_read_header(AVFormatContext *s)
|
|||||||
if (bytestream2_get_byteu(&gbc)) // Loop flag
|
if (bytestream2_get_byteu(&gbc)) // Loop flag
|
||||||
coef_off += 16;
|
coef_off += 16;
|
||||||
|
|
||||||
|
if (coef_off + codec->channels * (32 + 14) > HEADER_SIZE) {
|
||||||
|
ret = AVERROR_INVALIDDATA;
|
||||||
|
goto fail;
|
||||||
|
}
|
||||||
|
|
||||||
codec->extradata_size = 32 * codec->channels;
|
codec->extradata_size = 32 * codec->channels;
|
||||||
codec->extradata = av_malloc(codec->extradata_size);
|
codec->extradata = av_malloc(codec->extradata_size);
|
||||||
if (!codec->extradata) {
|
if (!codec->extradata) {
|
||||||
|
Loading…
Reference in New Issue
Block a user