Commit 7d49f79f authored by Justin Ruggles's avatar Justin Ruggles

qdm2: check output buffer size before decoding

parent 5a19acb1
...@@ -1960,13 +1960,20 @@ static int qdm2_decode_frame(AVCodecContext *avctx, ...@@ -1960,13 +1960,20 @@ static int qdm2_decode_frame(AVCodecContext *avctx,
int buf_size = avpkt->size; int buf_size = avpkt->size;
QDM2Context *s = avctx->priv_data; QDM2Context *s = avctx->priv_data;
int16_t *out = data; int16_t *out = data;
int i; int i, out_size;
if(!buf) if(!buf)
return 0; return 0;
if(buf_size < s->checksum_size) if(buf_size < s->checksum_size)
return -1; return -1;
out_size = 16 * s->channels * s->frame_size *
av_get_bytes_per_sample(avctx->sample_fmt);
if (*data_size < out_size) {
av_log(avctx, AV_LOG_ERROR, "Output buffer is too small\n");
return AVERROR(EINVAL);
}
av_log(avctx, AV_LOG_DEBUG, "decode(%d): %p[%d] -> %p[%d]\n", av_log(avctx, AV_LOG_DEBUG, "decode(%d): %p[%d] -> %p[%d]\n",
buf_size, buf, s->checksum_size, data, *data_size); buf_size, buf, s->checksum_size, data, *data_size);
...@@ -1976,7 +1983,7 @@ static int qdm2_decode_frame(AVCodecContext *avctx, ...@@ -1976,7 +1983,7 @@ static int qdm2_decode_frame(AVCodecContext *avctx,
out += s->channels * s->frame_size; out += s->channels * s->frame_size;
} }
*data_size = (uint8_t*)out - (uint8_t*)data; *data_size = out_size;
return s->checksum_size; return s->checksum_size;
} }
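Review bot: The new bound `out_size = 16 * s->channels * s->frame_size * av_get_bytes_per_sample(avctx->sample_fmt)` hard-codes the literal 16 and takes the sample width from `avctx->sample_fmt`, while the writes go through `int16_t *out` advanced by `s->channels * s->frame_size` per iteration, so the guard only matches the bytes written while the loop runs exactly 16 times and the format is 16-bit. The loop header lies outside the visible hunks, so this coupling cannot be confirmed from here. Because `*data_size = out_size` no longer derives the size from the pointer difference, a mismatch would go unnoticed. I would add a comment above the computation such as `/* 16 = iterations of the decode loop below; out is int16_t, so sample_fmt must be 16-bit */`, or share one named constant between the computation and the loop. The product is also evaluated in `int`; presumably `channels` and `frame_size` are bounded at init, but that is worth verifying so an overflowed `out_size` cannot let the check pass.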