Related to CID1197063
The limit choosen is arbitrary and much larger than what makes sense.
It avoids the need for checking arithmetic operations with the length for overflow
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit f9158b01d0f3effb58e87fb07db0382bc1e47de5)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
... | ... |
@@ -229,6 +229,11 @@ static ResampleContext *resample_init(ResampleContext *c, int out_rate, int in_r |
229 | 229 |
av_assert0(0); |
230 | 230 |
} |
231 | 231 |
|
232 |
+ if (filter_size/factor > INT32_MAX/256) { |
|
233 |
+ av_log(NULL, AV_LOG_ERROR, "Filter length too large\n"); |
|
234 |
+ goto error; |
|
235 |
+ } |
|
236 |
+ |
|
232 | 237 |
c->phase_shift = phase_shift; |
233 | 238 |
c->phase_mask = phase_count - 1; |
234 | 239 |
c->linear = linear; |