Browse code
swresample/resample: Limit filter length
Related to CID1197063
The limit choosen is arbitrary and much larger than what makes sense.
It avoids the need for checking arithmetic operations with the length for overflow
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit f9158b01d0f3effb58e87fb07db0382bc1e47de5)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Michael Niedermayer authored on 2014/04/08 07:19:07Showing 1 changed files
| ... | ... |
@@ -229,6 +229,11 @@ static ResampleContext *resample_init(ResampleContext *c, int out_rate, int in_r |
| 229 | 229 |
av_assert0(0); |
| 230 | 230 |
} |
| 231 | 231 |
|
| 232 |
+ if (filter_size/factor > INT32_MAX/256) {
|
|
| 233 |
+ av_log(NULL, AV_LOG_ERROR, "Filter length too large\n"); |
|
| 234 |
+ goto error; |
|
| 235 |
+ } |
|
| 236 |
+ |
|
| 232 | 237 |
c->phase_shift = phase_shift; |
| 233 | 238 |
c->phase_mask = phase_count - 1; |
| 234 | 239 |
c->linear = linear; |