> On Dec 15, 2016, at 20:32, Andreas Cadhalpun > <andreas.cadhal...@googlemail.com> wrote: > > Signed-off-by: Andreas Cadhalpun <andreas.cadhal...@googlemail.com> > --- > libavformat/4xm.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/libavformat/4xm.c b/libavformat/4xm.c > index 2758b69..9332f78 100644 > --- a/libavformat/4xm.c > +++ b/libavformat/4xm.c > @@ -187,6 +187,7 @@ static int parse_strk(AVFormatContext *s, > st->codecpar->bit_rate = (int64_t)st->codecpar->channels * > st->codecpar->sample_rate * > st->codecpar->bits_per_coded_sample; > + FF_BAIL_ON_OVERFLOW(s, st->codecpar->channels && > st->codecpar->bits_per_coded_sample > INT_MAX / st->codecpar->channels)
Shouldn't this go before the actual (potentially-overflowing) calculation is done? > st->codecpar->block_align = st->codecpar->channels * > st->codecpar->bits_per_coded_sample; > > -- > 2.10.2 > > _______________________________________________ > ffmpeg-devel mailing list > ffmpeg-devel@ffmpeg.org > http://ffmpeg.org/mailman/listinfo/ffmpeg-devel _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel