4xm: prevent overflow during bit rate calculation

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>

diff --git a/libavformat/4xm.c b/libavformat/4xm.c
index 8a50778..2758b69 100644 (file)
--- a/libavformat/4xm.c
+++ b/libavformat/4xm.c
@@ -163,6 +163,12 @@ static int parse_strk(AVFormatContext *s,
         return AVERROR_INVALIDDATA;
     }
 
+    if (fourxm->tracks[track].sample_rate > INT64_MAX / fourxm->tracks[track].bits / fourxm->tracks[track].channels) {
+        av_log(s, AV_LOG_ERROR, "Overflow during bit rate calculation %d * %d * %d\n",
+               fourxm->tracks[track].sample_rate, fourxm->tracks[track].bits, fourxm->tracks[track].channels);
+        return AVERROR_INVALIDDATA;
+    }
+
     /* allocate a new AVStream */
     st = avformat_new_stream(s, NULL);
     if (!st)
@@ -178,7 +184,7 @@ static int parse_strk(AVFormatContext *s,
     st->codecpar->channels              = fourxm->tracks[track].channels;
     st->codecpar->sample_rate           = fourxm->tracks[track].sample_rate;
     st->codecpar->bits_per_coded_sample = fourxm->tracks[track].bits;
-    st->codecpar->bit_rate              = st->codecpar->channels *
+    st->codecpar->bit_rate              = (int64_t)st->codecpar->channels *
                                           st->codecpar->sample_rate *
                                           st->codecpar->bits_per_coded_sample;
     st->codecpar->block_align           = st->codecpar->channels *