avformat/mov: Check sample size for overflow in mov_parse_stsd_audio()

author Michael Niedermayer <michael@niedermayer.cc>

Wed, 17 Mar 2021 22:39:04 +0000 (23:39 +0100)

committer Michael Niedermayer <michael@niedermayer.cc>

Fri, 26 Mar 2021 15:00:14 +0000 (16:00 +0100)
author Michael Niedermayer <michael@niedermayer.cc>
Wed, 17 Mar 2021 22:39:04 +0000 (23:39 +0100)
committer Michael Niedermayer <michael@niedermayer.cc>
Fri, 26 Mar 2021 15:00:14 +0000 (16:00 +0100)
diff --git a/libavformat/mov.c b/libavformat/mov.c

index aef5517c2c0f287b9f4388bd666b8e361fc21ec4..b90cec7173617bbd8cf7a927d99210a1dae5ed9a 100644 (file)
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -2263,7 +2263,7 @@ static void mov_parse_stsd_audio(MOVContext *c, AVIOContext *pb,
      }
  
      bits_per_sample = av_get_bits_per_sample(st->codecpar->codec_id);
-    if (bits_per_sample) {
+    if (bits_per_sample && (bits_per_sample >> 3) * (uint64_t)st->codecpar->channels <= INT_MAX) {
          st->codecpar->bits_per_coded_sample = bits_per_sample;
          sc->sample_size = (bits_per_sample >> 3) * st->codecpar->channels;
      }
author	Michael Niedermayer <michael@niedermayer.cc>
	Wed, 17 Mar 2021 22:39:04 +0000 (23:39 +0100)
committer	Michael Niedermayer <michael@niedermayer.cc>
	Fri, 26 Mar 2021 15:00:14 +0000 (16:00 +0100)