From patchwork Fri Jan 19 22:48:08 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Niki Bowe X-Patchwork-Id: 7350 Delivered-To: ffmpegpatchwork@gmail.com Received: by 10.2.156.27 with SMTP id q27csp63968jak; Fri, 19 Jan 2018 14:54:14 -0800 (PST) X-Google-Smtp-Source: AH8x227DR+LBnt1xmmavBkdQrUYz8FwbFtVxG9AXo8/zCdnPd+SDu+YXJT4KNKikMe2Sk6vLN/WM X-Received: by 10.223.199.206 with SMTP id y14mr39513wrg.158.1516402454870; Fri, 19 Jan 2018 14:54:14 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516402454; cv=none; d=google.com; s=arc-20160816; b=veubrbZ4qf574Abk+xe7jJa6xE1fG4GaQGU3PpvVPwCshZ/jZ6IFsLXdBhzBWffNwU wdEqgr80k/caRANBFAVGsoTMJ50OhdfHsXvLtiup2GYNfFrdWyYWU6WjxlC3rUamHzwD 8Muw13cjativid/pOEcOWInUAVXwQQap0cgVVrMlifAqJP1Fdc2MtOD32dIaejjt8dRZ gap33/4IRGCiTatvY+1kiMUrwv90/lUh4OLz6U+e+hPxIXjGW9Kembk+pO6svuwTbKtF qi9W4ZDZ1gjiNNFHeqGX/Sn/HCl3DKnCInACCAPx4mUm/VE0C3RqTZMqxwi/MmS04OPN vXww== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc:reply-to :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:message-id:date:to:from:dkim-signature :delivered-to:arc-authentication-results; bh=te72jb+ktnEFI9YHMOZ8uBCeuSCn3UVDDFxma2ZtWpo=; b=bk9rWNb4fizWhBpcIRBmesoc5iQP6Ig9D2QHYbUsHMT+sqmMMfTEjVZdgN3Vu1GMxK 0VKZaup/ldZyW4SOnxdXR3Qh2b7eqcJ480TuN3+H6FgEBVTTkeI5I4DBQp4n6Ixj6QDZ qjhr+49b3s6UzxGWF02iBm27fh/AT7A7q1xpx1Z1nVzZ2RS6lWoc4x4cAuBw6MWfM+gD eSxoRVZyzLz3HG/5bQ23Vn4okKtFkWk1lPkKUcPeOgTNJRF6yeBAOgEENbLQbWXHcJI+ ngpzh80w/gXj98CVvwPh+j3YiFW0aEXBqv+KaYpM4FYgfEv1Kq7HkPCVgLmNk65Euuo8 g8bQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@google.com header.s=20161025 header.b=Uc7yhYan; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id t14si332698wmd.47.2018.01.19.14.54.13; Fri, 19 Jan 2018 14:54:14 -0800 (PST) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@google.com header.s=20161025 header.b=Uc7yhYan; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 62821689CF4; Sat, 20 Jan 2018 00:54:11 +0200 (EET) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from mail-io0-f194.google.com (mail-io0-f194.google.com [209.85.223.194]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id C56D1689B17 for ; Sat, 20 Jan 2018 00:54:04 +0200 (EET) Received: by mail-io0-f194.google.com with SMTP id 72so3774438iom.10 for ; Fri, 19 Jan 2018 14:54:05 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=from:to:cc:subject:date:message-id; bh=JPCOYBKmxi/kO9tQZ0WFtj9jHGDkK0OAH8dlHqCtPqo=; b=Uc7yhYaniU3u6UgXvomoMQ+sAj8WSgEx7hapzQSYRDSTQWzpiq74G/0TARERxzK4gF aOjNGUNJxPseGr9TQ30x15CQK3fGVJQRpNutx/KvDMzTILeZpQjPHyiMicbpBpnUHU/S RVADvToXK9Zxzi1jJQZCSUVVZi/cW6Ysp0+AEfZz/Pc3iHdxcLsSrxUs4KolRD6DehKF 0sbRSO5wEiasL5ccO/Qhe0pCM4cE4Re0j6V4n067ZXWjXl5V/fHqIWGwBQpFqHSuYsvS 0JxRdTW9+8JLGorzhrSM2cnacDIsgRHVzsGydVdZWmVvgmWEVn6+Oi/kLoQaU0/H1kLj eh3g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=JPCOYBKmxi/kO9tQZ0WFtj9jHGDkK0OAH8dlHqCtPqo=; b=MTDv2JfIDX07m3//ayqpx8kXF4OVcKqQFEVp2IOGzJ6Ca2U6hY1X3PeUMwYQhxvhy4 2oTiaZ0HkC7KoY/gF1U8GCkz4NkeWPoqPSc0dGsQ/uYsMBIxqDRytn/fF1TLfPrWRNsN bIs3aSpv0VejpM9LU/o5j4zNe9Bc6GfJ6mLEkvgdjAmWEgYjAjbwPK+shkcS7QTi4RSr Xq9cURch0dOJvr0z7Fio9Bh4wp/b2Yvq0028OGZg+Dx3mr6L8KulMnTnqH31rOgPqG7F 6HpKRW/CFIw+/015d3SpNHlgpy6AcP/kUsbwig5gXHK5CTIKk8txG++xrdipl5LvBg54 re9Q== X-Gm-Message-State: AKwxytff7qytKxHETkcRRtMfWlwtz7jGK0Cxor1ysJtQ8UFtw6OpqiRA 2s8eZOcPYPifUDs4FIdfRuKBHo6O69M= X-Received: by 10.107.153.200 with SMTP id b191mr29531ioe.151.1516402095208; Fri, 19 Jan 2018 14:48:15 -0800 (PST) Received: from nbowe.mtv.corp.google.com ([100.98.2.61]) by smtp.gmail.com with ESMTPSA id p124sm1289966ite.11.2018.01.19.14.48.14 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 19 Jan 2018 14:48:14 -0800 (PST) From: Nikolas Bowe To: ffmpeg-devel@ffmpeg.org Date: Fri, 19 Jan 2018 14:48:08 -0800 Message-Id: <20180119224808.5055-1-nbowe@google.com> X-Mailer: git-send-email 2.16.0.rc1.238.g530d649a79-goog Subject: [FFmpeg-devel] [PATCH] Fix signed integer overflow undefined behavior X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Cc: Nikolas Bowe MIME-Version: 1.0 Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" Found via fuzzing --- libavformat/rpl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libavformat/rpl.c b/libavformat/rpl.c index d373600478..df449bfc29 100644 --- a/libavformat/rpl.c +++ b/libavformat/rpl.c @@ -194,7 +194,7 @@ static int rpl_read_header(AVFormatContext *s) if (ast->codecpar->bits_per_coded_sample == 0) ast->codecpar->bits_per_coded_sample = 4; - ast->codecpar->bit_rate = ast->codecpar->sample_rate * + ast->codecpar->bit_rate = (uint64_t)ast->codecpar->sample_rate * ast->codecpar->bits_per_coded_sample * ast->codecpar->channels;