Message ID | 20210116230729.30613-2-michael@niedermayer.cc |
---|---|
State | Accepted |
Commit | 29851cb840c176d514573914799ca6c95f3f4e8e |
Headers | show |
Series | [FFmpeg-devel,1/7] avformat/mpsubdec: Use av_sat_add/sub64() in fracval handling | expand |
Context | Check | Description |
---|---|---|
andriy/x86_make | success | Make finished |
andriy/x86_make_fate | success | Make fate finished |
andriy/PPC64_make | success | Make finished |
andriy/PPC64_make_fate | success | Make fate finished |
On Sun, Jan 17, 2021 at 12:07:24AM +0100, Michael Niedermayer wrote: > Fixes: signed integer overflow: -9223372036853488158 - 90000000 cannot be represented in type 'long long' > Fixes: 26910/clusterfuzz-testcase-minimized-ffmpeg_dem_MPSUB_fuzzer-6696625298866176 > > Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> > --- > libavformat/utils.c | 1 + > 1 file changed, 1 insertion(+) will apply [...]
diff --git a/libavformat/utils.c b/libavformat/utils.c index bf904ef2c5..7f547c77ed 100644 --- a/libavformat/utils.c +++ b/libavformat/utils.c @@ -1103,6 +1103,7 @@ static void update_initial_timestamps(AVFormatContext *s, int stream_index, dts == AV_NOPTS_VALUE || st->cur_dts == AV_NOPTS_VALUE || st->cur_dts < INT_MIN + RELATIVE_TS_BASE || + dts < INT_MIN + (st->cur_dts - RELATIVE_TS_BASE) || is_relative(dts)) return;
Fixes: signed integer overflow: -9223372036853488158 - 90000000 cannot be represented in type 'long long' Fixes: 26910/clusterfuzz-testcase-minimized-ffmpeg_dem_MPSUB_fuzzer-6696625298866176 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> --- libavformat/utils.c | 1 + 1 file changed, 1 insertion(+)