From 48d6556dd46d4f4fac10d0f4a819e314887cd50e Mon Sep 17 00:00:00 2001 From: =?utf8?q?Martin=20Storsj=C3=B6?= Date: Wed, 11 Sep 2013 15:13:48 +0300 Subject: [PATCH] dsicin: Add some basic sanity checks for fields read from the file MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org Signed-off-by: Martin Storsjö --- libavformat/dsicin.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/libavformat/dsicin.c b/libavformat/dsicin.c index ecc8c0b..6a7c8b9 100644 --- a/libavformat/dsicin.c +++ b/libavformat/dsicin.c @@ -154,6 +154,8 @@ static int cin_read_frame_header(CinDemuxContext *cin, AVIOContext *pb) { if (avio_rl32(pb) != 0xAA55AA55) return AVERROR_INVALIDDATA; + if (hdr->video_frame_size < 0 || hdr->audio_frame_size < 0) + return AVERROR_INVALIDDATA; return 0; } -- 2.7.4