[vlc-commits] [Git][videolan/vlc][master] demux: wav: check the size of the fmt chunk is legit
Steve Lhomme (@robUx4)
gitlab at videolan.org
Wed Aug 13 08:28:52 UTC 2025
Steve Lhomme pushed to branch master at VideoLAN / VLC
Commits:
d5ab4348 by Steve Lhomme at 2025-08-13T07:42:33+00:00
demux: wav: check the size of the fmt chunk is legit
The format may be larger than the base structure like WAVEFORMATEXTENSIBLE_IEC61937
but it cannot exceed a size coded on unsigned 16-bit of extra data.
Fixes #29004
- - - - -
1 changed file:
- modules/demux/wav.c
Changes:
=====================================
modules/demux/wav.c
=====================================
@@ -347,9 +347,9 @@ static int ChunkParseFmt( demux_t *p_demux, uint32_t i_size )
unsigned int i_extended;
i_size += 2;
- if( i_size < sizeof( WAVEFORMATEX ) )
+ if( i_size < sizeof( WAVEFORMATEX ) || i_size > (sizeof( WAVEFORMATEX ) + UINT16_MAX ) )
{
- msg_Err( p_demux, "invalid 'fmt ' chunk" );
+ msg_Err( p_demux, "invalid 'fmt ' chunk of size %" PRIu32, i_size );
goto error;
}
View it on GitLab: https://code.videolan.org/videolan/vlc/-/commit/d5ab4348ed214174c2f3c50549c7e28acda3b223
--
View it on GitLab: https://code.videolan.org/videolan/vlc/-/commit/d5ab4348ed214174c2f3c50549c7e28acda3b223
You're receiving this email because of your account on code.videolan.org.
VideoLAN code repository instance
More information about the vlc-commits
mailing list