blob: f1e635595dddb9cca97c3237f5d8f25e078bcff4 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
From 458ed62bbeb9d1bddf7b8df104e14936408a3db9 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Rafa=C3=ABl=20Carr=C3=A9?= <funman@videolan.org>
Date: Wed, 25 May 2016 10:00:25 +0200
Subject: [PATCH] adpcm: reject invalid QuickTime IMA files
DecodeAdpcmImaQT() can only decode up to stereo files.
Fix out of bound write.
Reported by: Patrick Coleman <blinken@gmail.com>
Signed-off-by: Jean-Baptiste Kempf <jb@videolan.org>
---
modules/codec/adpcm.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/modules/codec/adpcm.c b/modules/codec/adpcm.c
index 41321fe..ce89b2d 100644
--- a/modules/codec/adpcm.c
+++ b/modules/codec/adpcm.c
@@ -175,6 +175,12 @@ static int OpenDecoder( vlc_object_t *p_this )
switch( p_dec->fmt_in.i_codec )
{
case VLC_FOURCC('i','m','a', '4'): /* IMA ADPCM */
+ if (p_dec->fmt_in.audio.i_channels > 2) {
+ free(p_sys);
+ msg_Err(p_dec, "Invalid number of channels %i",
+ p_dec->fmt_in.audio.i_channels );
+ return VLC_EGENERIC;
+ }
p_sys->codec = ADPCM_IMA_QT;
break;
case VLC_CODEC_ADPCM_IMA_WAV: /* IMA ADPCM */
--
1.7.10.4
|
