dsicin: Add some basic sanity checks for fields read from the file

Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org Signed-off-by: Martin Storsjö <martin@martin.st> (cherry picked from commit 48d6556dd46d4f4fac10d0f4a819e314887cd50e) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
author: Martin Storsjö <martin@martin.st> 2013-09-11 15:13:48 +0300
committer: Luca Barbato <lu_zero@gentoo.org> 2014-01-07 09:43:56 +0100
commit: e01d623e01937d43de404807ae0bf7c2cf88fb0b (patch)
tree: 94a7351194c80759f3bf71ef3e6bc5660a721bbd
parent: b6fc0127ce8487602ce79f64bfd263ef0dc9df9b (diff)
download: ffmpeg-e01d623e01937d43de404807ae0bf7c2cf88fb0b.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/libavformat/dsicin.c b/libavformat/dsicin.c
index 801ca6af22..03af6c66d1 100644
--- a/libavformat/dsicin.c
+++ b/libavformat/dsicin.c
@@ -152,6 +152,8 @@ static int cin_read_frame_header(CinDemuxContext *cin, AVIOContext *pb) {
 
     if (avio_rl32(pb) != 0xAA55AA55)
         return AVERROR_INVALIDDATA;
+    if (hdr->video_frame_size < 0 || hdr->audio_frame_size < 0)
+        return AVERROR_INVALIDDATA;
 
     return 0;
 }
author	Martin Storsjö <martin@martin.st>	2013-09-11 15:13:48 +0300
committer	Luca Barbato <lu_zero@gentoo.org>	2014-01-07 09:43:56 +0100
commit	e01d623e01937d43de404807ae0bf7c2cf88fb0b (patch)
tree	94a7351194c80759f3bf71ef3e6bc5660a721bbd
parent	b6fc0127ce8487602ce79f64bfd263ef0dc9df9b (diff)
download	ffmpeg-e01d623e01937d43de404807ae0bf7c2cf88fb0b.tar.gz