Chiebot-Mirror
/
FFmpeg
mirror of https://github.com/FFmpeg/FFmpeg.git
8
0
Fork 0
Code Issues Projects Releases Wiki Activity

alac: fix integer overflow leading to subsequent out of array accesses.

Browse Source 
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
pull/6/merge
Michael Niedermayer 12 years ago
parent fd4f4923cc
commit 3920d13878
1 changed files with 5 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 6
      libavcodec/alac.c

6
libavcodec/alac.c
Unescape View File

@ -542,7 +542,11 @@ static av_cold int alac_decode_close(AVCodecContext *avctx)
static int allocate_buffers(ALACContext *alac)
{
int ch;
int buf_size = alac->max_samples_per_frame * sizeof(int32_t);
int buf_size;
if (alac->max_samples_per_frame > INT_MAX / sizeof(int32_t))
goto buf_alloc_fail;
buf_size = alac->max_samples_per_frame * sizeof(int32_t);
for (ch = 0; ch < FFMIN(alac->channels, 2); ch++) {
FF_ALLOC_OR_GOTO(alac->avctx, alac->predict_error_buffer[ch],

Write Preview
Loading…
Cancel
Save