diff mbox series

[FFmpeg-devel,01/15] avcodec/xsubdec: Check parse_timecode()

Message ID 20240705002156.1964272-1-michael@niedermayer.cc
State New
Headers show
Series [FFmpeg-devel,01/15] avcodec/xsubdec: Check parse_timecode() | expand

Checks

Context Check Description
yinshiyou/make_loongarch64 success Make finished
yinshiyou/make_fate_loongarch64 fail Make fate failed
andriy/make_x86 success Make finished
andriy/make_fate_x86 success Make fate finished

Commit Message

Michael Niedermayer July 5, 2024, 12:21 a.m. UTC
Fixes: CID1604490 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
 libavcodec/xsubdec.c | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

Comments

Michael Niedermayer July 12, 2024, 8:41 p.m. UTC | #1
On Fri, Jul 05, 2024 at 02:21:42AM +0200, Michael Niedermayer wrote:
> Fixes: CID1604490 Overflowed constant
> 
> Sponsored-by: Sovereign Tech Fund
> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
> ---
>  libavcodec/xsubdec.c | 11 +++++++++--
>  1 file changed, 9 insertions(+), 2 deletions(-)

will apply patchset

[...]
diff mbox series

Patch

diff --git a/libavcodec/xsubdec.c b/libavcodec/xsubdec.c
index db7873593c8..6be4c18b0b5 100644
--- a/libavcodec/xsubdec.c
+++ b/libavcodec/xsubdec.c
@@ -60,6 +60,7 @@  static int decode_frame(AVCodecContext *avctx, AVSubtitle *sub,
     int64_t packet_time = 0;
     GetBitContext gb;
     int has_alpha = avctx->codec_tag == MKTAG('D','X','S','A');
+    int64_t start_display_time, end_display_time;
 
     // check that at least header fits
     if (buf_size < 27 + 7 * 2 + 4 * (3 + has_alpha)) {
@@ -74,8 +75,14 @@  static int decode_frame(AVCodecContext *avctx, AVSubtitle *sub,
     }
     if (avpkt->pts != AV_NOPTS_VALUE)
         packet_time = av_rescale_q(avpkt->pts, AV_TIME_BASE_Q, (AVRational){1, 1000});
-    sub->start_display_time = parse_timecode(buf +  1, packet_time);
-    sub->end_display_time   = parse_timecode(buf + 14, packet_time);
+
+    sub->start_display_time = start_display_time = parse_timecode(buf +  1, packet_time);
+    sub->end_display_time   = end_display_time   = parse_timecode(buf + 14, packet_time);
+    if (sub->start_display_time != start_display_time ||
+        sub->  end_display_time !=   end_display_time) {
+        av_log(avctx, AV_LOG_ERROR, "time code not representable in 32bit\n");
+        return -1;
+    }
     buf += 27;
 
     // read header