Fixes: Division by 0
Fixes: -copyts -start_at_zero -itsoffset 00:00:01 -itsscale 1 -ss 00:00:02 -i
zgclab/ffmpeg_crash/poc1 output.mp4
Found-by: Wang Dawei and Zhou Geng, from Zhongguancun Laboratory
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
---
libavformat/kvag.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/libavformat/kvag.c b/libavformat/kvag.c
index 1d0aee09942..b55aa893ec2 100644
--- a/libavformat/kvag.c
+++ b/libavformat/kvag.c
@@ -38,7 +38,7 @@
typedef struct KVAGHeader {
uint32_t magic;
uint32_t data_size;
- uint32_t sample_rate;
+ int sample_rate;
uint16_t stereo;
} KVAGHeader;
@@ -70,6 +70,9 @@ static int kvag_read_header(AVFormatContext *s)
hdr.sample_rate = AV_RL32(buf + 8);
hdr.stereo = AV_RL16(buf + 12);
+ if (hdr.sample_rate <= 0)
+ return AVERROR_INVALIDDATA;
+
par = st->codecpar;
par->codec_type = AVMEDIA_TYPE_AUDIO;
par->codec_id = AV_CODEC_ID_ADPCM_IMA_SSI;
--
2.43.2
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
