avformat/aiffdec: Check packet size

Fixes: Fixes infinite loop Fixes: 26575/clusterfuzz-testcase-minimized-ffmpeg_dem_AIFF_fuzzer-5727522236661760 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 0ba71a72d3a617b255b71988a000d5093222f779) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
author: Michael Niedermayer <michael@niedermayer.cc> 2020-10-26 20:55:31 +0100
committer: Michael Niedermayer <michael@niedermayer.cc> 2021-09-09 13:53:29 +0200
commit: 5a76224c8826b3b7719a97e47ac9d2120a0fc419 (patch)
tree: cd7a5daf160e14ef8bbe9dd6f5078a6e8cdf0145
parent: 4ed66956584c881c29b1381fbd573adeaa5c4338 (diff)
download: ffmpeg-5a76224c8826b3b7719a97e47ac9d2120a0fc419.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/libavformat/aiffdec.c b/libavformat/aiffdec.c
index 7c701e0c70..413ae54748 100644
--- a/libavformat/aiffdec.c
+++ b/libavformat/aiffdec.c
@@ -398,6 +398,8 @@ static int aiff_read_packet(AVFormatContext *s,
         break;
     default:
         size = st->codecpar->block_align ? (MAX_SIZE / st->codecpar->block_align) * st->codecpar->block_align : MAX_SIZE;
+        if (!size)
+            return AVERROR_INVALIDDATA;
     }
     size = FFMIN(max_size, size);
     res = av_get_packet(s->pb, pkt, size);
author	Michael Niedermayer <michael@niedermayer.cc>	2020-10-26 20:55:31 +0100
committer	Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:53:29 +0200
commit	5a76224c8826b3b7719a97e47ac9d2120a0fc419 (patch)
tree	cd7a5daf160e14ef8bbe9dd6f5078a6e8cdf0145
parent	4ed66956584c881c29b1381fbd573adeaa5c4338 (diff)
download	ffmpeg-5a76224c8826b3b7719a97e47ac9d2120a0fc419.tar.gz