[libav-devel] [PATCH 02/45] lavc: check channel count after decoder init

Justin Ruggles Tue, 23 Oct 2012 14:43:24 -0700

Ensures the decoder did not set channel count to an insanely high value
during initialization, which could cause large memory usage when it tries to
get a buffer during decoding.
---
 libavcodec/utils.c |    5 +++++
 1 files changed, 5 insertions(+), 0 deletions(-)


diff --git a/libavcodec/utils.c b/libavcodec/utils.c
index be6d7ae..8a37ef2 100644
--- a/libavcodec/utils.c
+++ b/libavcodec/utils.c
@@ -881,6 +881,11 @@ int attribute_align_arg avcodec_open2(AVCodecContext 
*avctx, const AVCodec *code
                 avctx->channel_layout = 0;
             }
         }
+        if (avctx->channels && avctx->channels < 0 ||
+            avctx->channels > FF_SANE_NB_CHANNELS) {
+            ret = AVERROR(EINVAL);
+            goto free_and_end;
+        }
     }
 end:
     entangled_thread_counter--;
-- 
1.7.1

_______________________________________________
libav-devel mailing list
libav-devel@libav.org
https://lists.libav.org/mailman/listinfo/libav-devel

[libav-devel] [PATCH 02/45] lavc: check channel count after decoder init

Reply via email to