dsicin: Add some basic sanity checks for fields read from the file

Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org Signed-off-by: Martin Storsjö <martin@martin.st> (cherry picked from commit 48d6556dd46d4f4fac10d0f4a819e314887cd50e) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
author: Martin Storsjö <martin@martin.st> 2013-09-11 15:13:48 +0300
committer: Luca Barbato <lu_zero@gentoo.org> 2013-10-03 20:29:15 +0200
commit: 3bd0cd26774dcc69a0ea7d53c5f3d38c6fad30ae (patch)
tree: 727cb3e46b42be479f14e0605d4c2659663b3f3a
parent: 4d073ddac95d789f23c3ee6f7b5348599b39f047 (diff)
download: ffmpeg-3bd0cd26774dcc69a0ea7d53c5f3d38c6fad30ae.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/libavformat/dsicin.c b/libavformat/dsicin.c
index ecc8c0b6af..6a7c8b948a 100644
--- a/libavformat/dsicin.c
+++ b/libavformat/dsicin.c
@@ -154,6 +154,8 @@ static int cin_read_frame_header(CinDemuxContext *cin, AVIOContext *pb) {
 
     if (avio_rl32(pb) != 0xAA55AA55)
         return AVERROR_INVALIDDATA;
+    if (hdr->video_frame_size < 0 || hdr->audio_frame_size < 0)
+        return AVERROR_INVALIDDATA;
 
     return 0;
 }
author	Martin Storsjö <martin@martin.st>	2013-09-11 15:13:48 +0300
committer	Luca Barbato <lu_zero@gentoo.org>	2013-10-03 20:29:15 +0200
commit	3bd0cd26774dcc69a0ea7d53c5f3d38c6fad30ae (patch)
tree	727cb3e46b42be479f14e0605d4c2659663b3f3a
parent	4d073ddac95d789f23c3ee6f7b5348599b39f047 (diff)
download	ffmpeg-3bd0cd26774dcc69a0ea7d53c5f3d38c6fad30ae.tar.gz