mov: validate sidx timescale
authorAndreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Sun, 23 Oct 2016 14:48:01 +0000 (16:48 +0200)
committerAndreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Sun, 6 Nov 2016 23:51:49 +0000 (00:51 +0100)
A negative timescale doesn't make sense and triggers assertions in
av_rescale_rnd.

Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
libavformat/mov.c

index 5fb345a..f06de06 100644 (file)
@@ -4247,6 +4247,11 @@ static int mov_read_sidx(MOVContext *c, AVIOContext *pb, MOVAtom atom)
 
     timescale = av_make_q(1, avio_rb32(pb));
 
+    if (timescale.den <= 0) {
+        av_log(c->fc, AV_LOG_ERROR, "Invalid sidx timescale 1/%d\n", timescale.den);
+        return AVERROR_INVALIDDATA;
+    }
+
     if (version == 0) {
         pts = avio_rb32(pb);
         offset += avio_rb32(pb);