| Message ID | 20240512000349.3381912-2-michael@niedermayer.cc |
|---|---|
| State | Accepted |
| Commit | 4c725df059dd9a5f2071e204924105b3ceb74cbc |
| Headers | show |
| Series | [FFmpeg-devel,1/5] avcodec/lpc: copy levenson coeffs only when they have been computed | expand |
On Sun, May 12, 2024 at 02:03:46AM +0200, Michael Niedermayer wrote: > I dont think this can actually overflow but 64bit seems reasonable to use > > Fixes: CID1521983 Unintentional integer overflow > > Sponsored-by: Sovereign Tech Fund > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> > --- > libavcodec/mpeg12dec.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) will apply patch 2 - 5 [...]
diff --git a/libavcodec/mpeg12dec.c b/libavcodec/mpeg12dec.c index 21a214ef5b7..e257889d034 100644 --- a/libavcodec/mpeg12dec.c +++ b/libavcodec/mpeg12dec.c @@ -2734,7 +2734,7 @@ static int ipu_decode_frame(AVCodecContext *avctx, AVFrame *frame, int ret; // Check for minimal intra MB size (considering mb header, luma & chroma dc VLC, ac EOB VLC) - if (avpkt->size*8LL < (avctx->width+15)/16 * ((avctx->height+15)/16) * (2 + 3*4 + 2*2 + 2*6)) + if (avpkt->size*8LL < (avctx->width+15)/16 * ((avctx->height+15)/16) * (2LL + 3*4 + 2*2 + 2*6)) return AVERROR_INVALIDDATA; ret = ff_get_buffer(avctx, frame, 0);
I dont think this can actually overflow but 64bit seems reasonable to use Fixes: CID1521983 Unintentional integer overflow Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> --- libavcodec/mpeg12dec.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)