wrapper/FFmpeg
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

avcodec/libvorbisdec: avoid overflow when assinging sample rate from long to int

Browse source 
Fixes: 416134551/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_LIBVORBIS_DEC_fuzzer-6096101407260672
Found-by: OSS-Fuzz
Signed-off-by: Kacper Michajłow <kasper93@gmail.com>
This commit is contained in:
Kacper Michajłow 2025-08-09 17:15:51 +02:00
parent 286a3892a8
commit 2287a19abb
No known key found for this signature in database
GPG key ID: 6580132338ABD4E2
1 changed files with 6 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

6
libavcodec/libvorbisdec.c
View file

@ -114,6 +114,12 @@ static av_cold int oggvorbis_decode_init(AVCodecContext *avccontext)
}
}
if (context->vi.rate <= 0 || context->vi.rate > INT_MAX) {
av_log(avccontext, AV_LOG_ERROR, "vorbis rate is invalid\n");
ret = AVERROR_INVALIDDATA;
goto error;
}
av_channel_layout_uninit(&avccontext->ch_layout);
avccontext->ch_layout.order = AV_CHANNEL_ORDER_UNSPEC;
avccontext->ch_layout.nb_channels = context->vi.channels;