| Message ID | AS8P250MB0744752CCD8EAD1EC97EAE208FF1A@AS8P250MB0744.EURP250.PROD.OUTLOOK.COM |
|---|---|
| State | Accepted |
| Commit | 78169f397dad3d9af9cd750441e11b7e201e3949 |
| Headers | show
Delivered-To: ffmpegpatchwork2@gmail.com
Received: by 2002:a05:6a20:4e27:b0:149:dfde:5c0a with SMTP id
gk39csp2751095pzb;
Tue, 12 Sep 2023 05:33:43 -0700 (PDT)
X-Google-Smtp-Source:
AGHT+IHKsphDbSVQwM9y2PwC6aacc0Qqw3Mq6Ld0bj78PTQEhqgF9fzGMebr96eBOfF7l/lBLazd
X-Received: by 2002:a17:906:5e:b0:9a9:e659:a8a6 with SMTP id
30-20020a170906005e00b009a9e659a8a6mr11329317ejg.15.1694522023044;
Tue, 12 Sep 2023 05:33:43 -0700 (PDT)
Return-Path: <ffmpeg-devel-bounces@ffmpeg.org>
Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100])
by mx.google.com with ESMTP id
e18-20020a170906045200b00977cb7af75asi8166066eja.719.2023.09.12.05.33.42;
Tue, 12 Sep 2023 05:33:43 -0700 (PDT)
Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org
designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100;
Authentication-Results: mx.google.com;
dkim=neutral (body hash did not verify) header.i=@outlook.com
header.s=selector1 header.b=eCxbCjwO;
arc=fail (body hash mismatch);
spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org
designates 79.124.17.100 as permitted sender)
smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org;
dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=outlook.com
Received: from [127.0.1.1] (localhost [127.0.0.1])
by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 279DE68C990;
Tue, 12 Sep 2023 15:33:40 +0300 (EEST)
X-Original-To: ffmpeg-devel@ffmpeg.org
Delivered-To: ffmpeg-devel@ffmpeg.org
Received: from EUR04-HE1-obe.outbound.protection.outlook.com
(mail-he1eur04olkn2036.outbound.protection.outlook.com [40.92.73.36])
by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 2763968C9A2
for <ffmpeg-devel@ffmpeg.org>; Tue, 12 Sep 2023 15:33:37 +0300 (EEST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
b=E6V1IwLEhEnoGb/xkTj1rJo4l5VTkXi8ofyDevzy822082vcJfCms/q77ty9k7grQ4wh+y1ji9c3dngtRbpYgq1KE3EDUUwwwazMShhCszgel3JbwQZqDxxYzGnEAuaVi/FSnxQx17os+LeoVpZA4/u4po4YMEYEZo2cP7z81YqP/zRPV5tM4PXrewPHTbMSNnMYgQLYDIUYo+Qf8qaTgs042QZbWjAT+GBpGtjnIZnemKNd3Ys3B8j6qUZDtQVUTKKjmFfmFCixCqdR2JUOWHxnXlTtsLHQBVhQNbAwyHrMNwhHegK4Ok0FGpF7NjTWr9epKlyTEJfzjQ5aWpCYvg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
s=arcselector9901;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
bh=ftjK0/4rM+gXSCaZwSKgyMrjYufJ73UL+t1pNvRco0M=;
b=Txvby9UFTb4rnBkvGvdeX8SrxtzECxR4SeY9QGMswOCMCt3QbOxkGNntBm13lw3+iG0ynFRBEZ2nWGKvRm922yj6tbtIt2YJRlcTCZiW9pAWBYtjMZPrG6sBigRP61GAn4346EH9melwL+N+Wx4TN+HCDW1Fu6/0lJsDlk02ZbD+W2RfMspKuqc5w/xZy5UA52abt0bCbUcVB/7G8yTDRwHgXe8PVMcwrgmwm8BBFS1vvpkY2JdUtA0QYlKJPhAZmZ/Xx1rz59veqonvKJwZaWzVF9OH58W0hMsQwUgBK7AY9W5csQlWmdhNX6pGSNh5YEK1KHvc26JxC4V9BchNPA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;
dkim=none; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;
s=selector1;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
bh=ftjK0/4rM+gXSCaZwSKgyMrjYufJ73UL+t1pNvRco0M=;
b=eCxbCjwO1Ypoq+/OQj7FvUU0nK/F0RKQrHY0MV7EM9uI8FwYr/Ztd7580f/OD0WjA1vlP5axL67D2w4t8iPjOp0vYM/wbLRLql8JkpnEXGO/PlHJTD0t/a7RxtAOEzD3mWO9COlko4E2yAvlPkpGt7C6e2ObnUcO4fX5tj93vUR+V6Auk4L+7XwVI7acdaNOy12a6YQjdz6x1844PQOot2Zb5fbVPSyJQpdhTsEjy+58YH1ByC6/1WgQrvOraHOEVVE1d6uBUINWujMmDez2PGHECK8k9T27K/DeXeoVLTjVf15NDBEJdUDgRzqgzbitCbL1yuu3D6LcjO/JifJC/A==
Received: from AS8P250MB0744.EURP250.PROD.OUTLOOK.COM (2603:10a6:20b:541::14)
by AM8P250MB0294.EURP250.PROD.OUTLOOK.COM (2603:10a6:20b:329::7) with
Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6768.35; Tue, 12 Sep
2023 12:33:36 +0000
Received: from AS8P250MB0744.EURP250.PROD.OUTLOOK.COM
([fe80::5e01:aea5:d3a8:cafa]) by AS8P250MB0744.EURP250.PROD.OUTLOOK.COM
([fe80::5e01:aea5:d3a8:cafa%3]) with mapi id 15.20.6768.029; Tue, 12 Sep 2023
12:33:36 +0000
From: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
To: ffmpeg-devel@ffmpeg.org
Date: Tue, 12 Sep 2023 14:34:17 +0200
Message-ID:
<AS8P250MB0744752CCD8EAD1EC97EAE208FF1A@AS8P250MB0744.EURP250.PROD.OUTLOOK.COM>
X-Mailer: git-send-email 2.34.1
In-Reply-To:
<AS8P250MB0744C21B870FEA301D5BCE5B8FF1A@AS8P250MB0744.EURP250.PROD.OUTLOOK.COM>
References:
<AS8P250MB0744C21B870FEA301D5BCE5B8FF1A@AS8P250MB0744.EURP250.PROD.OUTLOOK.COM>
X-TMN: [guVd8iBI5VUO8VhPM6oafiOgbWvc+0Fk]
X-ClientProxiedBy: ZR2P278CA0051.CHEP278.PROD.OUTLOOK.COM
(2603:10a6:910:53::6) To AS8P250MB0744.EURP250.PROD.OUTLOOK.COM
(2603:10a6:20b:541::14)
X-Microsoft-Original-Message-ID:
<20230912123419.2065863-2-andreas.rheinhardt@outlook.com>
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: AS8P250MB0744:EE_|AM8P250MB0294:EE_
X-MS-Office365-Filtering-Correlation-Id: c93a63fc-3312-449d-57a9-08dbb38c7bd3
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info:
UDtmX23l6FxfqpODXS/rVEbP+HKdo0zUhrSryoay5h7rlIi58oE+8Nqz/ZOapKZ7f3a/5fitu8CKbCsmI8kBISq5yqldsakX8S4skplAhZwGXNh8cBimEXrKYS8y49XTQ+X06vvfMo+osZu3ljtKDO0KMyXsbzS4gOtkoUSd8QDApG0ZwPmhQQ72H+VKXhA4EudoWKoVWA7IvbDuNdMkm/F4DB8yDHXA8kGNdfvDyXjx6Ci8SY8T+gHrD3BXyG65C+BrwJMFXZIyyiT/9+r5N5iSkkTJcK4ZU5xqpPzpFlAhZU3YIV4OmlEsazUNrYQCiHCmTz57tnqAL7AUc1X4YRnwn/PjzbdySC6rXRhKxe/vvEzotB3nFdVTiXnsTGfmtfPXx0ECwGY6FHMX9pstldT1cVy8sgQh9srPrfO0QA/24iw35Rna9AO472TtRmztdPUsN3FsD/h9IQ3/HhuH+IUs6Jb0XfpABnrfgsBNXJ8rdcT52lGMA4OqHnvkLwPfoK+WFenm2ADt5n2Q9Rq8lWOuBHYUxt4e+VK1oMepHtZp7RCy8lsjMQNybHfOcjP8hahlpkdqnzUe+CfTyp4LHvVedC6zN7kHB4QW005a17JKGRHHcgTop6D20v9aKK9T
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0:
pqpboAwjbYZBwGrjPFWPCjehenwyaN+014MQLfDq3KjJa+fh99UnSzZcFnwwwOvgM5KOhnclTPHqBvFXSVRm3hN/hdLw/3G0oS+GI0zdppnu8y6uBaiST8jsF58wMieKJwF22wSDyql7HbVTc6vQ/jRMosshiB1800vQ4v8njf2DUiO4gnnqLE+EP7kTc6qPkS/1GfOUjUio2EON8guN3CkeYjJoC9LKLfwcm9WgLgCPrR23jtfhtGUtvb/sibOzkHwPD4LJkNeGR/LxbGYyxadgROvOS/rmkM1Umz1L6dAMc0YoKycrCe9usoSFSEW0a+oKqYDgspa5p3yKcD7D+eQSyEpraR97SX/EjnF0jBXKJaNR8/V+kPCKTVdiVFESC15b+ctCEWqVS6o8P2YDd/7I9fTOMHVfD1QNuOIhyp3Hq/2ZLGWptGLdyyRzkFHLRoZ4yzeKIZxNNMWM5vf5Zgjdr/dZP2ed6qP6dB5VbomHJK22vJxVVCAFye2T4yljOewqi2cq1keozZ/V7F+PlbkgS47iJ1XeX9IS6WQ11USBFjfl6/dLbPV2k2Dma3fOGSJeC/Oq8wOoNX94o/8zRcsybWzGLhrKwFQw2ZpxD3A1UmOLguNcAB9aSua+WWtk6MRcIo6tyxcgspqR8wpsGvH9AhRZah7cbxPDAAYm/Y+Ll/wzfodypHEf7tqQq0ZnTQ9Ff9fp9TgQTzUToBi/Ll5TMaXf8z2WyBmgZRUHJrIgMCNJrEVh3ZaYfR3iJJ0to0n7maTqn5RcOKAqLRX+uIAZnc2V6YCc9uM2pE3DX5fALtBLK90MIPM5hPLM0vV9eF2TOmsSQOhewkwHQgOBLhUfYYSy0HC4adOynhTTMn6+6PPcgYuI3ALGuW5q9EAxF1w/+7GTG7bGlWTxD2dT499lI288ZxoO6ugK87eSmWFPH7VtiENLtToWDxV6cND1hn85Md68DDJPILTBzs5SegdwU++lnJrxqWgLypGfsDChGiUtMQ/HTfQqh+szPnafwFibnd2CDFjv/F6lrO4NsMceCI1kRSCqQoUQhkI+51HHlaUUAQU4154BSlp6CkEBX9X7oeUMJqUwC9hmAsSiQz5Uidr3eUjFrHcgkZ+HUu1E1l+Y90NrYEB5OL/oOLf6YB1WSri2m9ZyuHL31D0LMRZFhrdUqWclA4uqDBuw2TdNnyP5nrA/uKAYu4n2zA2oTxJ1SrRXGtc4XYkfHkJmDpn80Y+0SzsYpOsRUoyZ1grWJyeqY5jwvBJXcof2GPJh
X-OriginatorOrg: outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id:
c93a63fc-3312-449d-57a9-08dbb38c7bd3
X-MS-Exchange-CrossTenant-AuthSource: AS8P250MB0744.EURP250.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 12 Sep 2023 12:33:36.0017 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg:
00000000-0000-0000-0000-000000000000
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM8P250MB0294
Subject: [FFmpeg-devel] [PATCH 3/5] avformat/wtvdec: Fix signed integer
overflow
X-BeenThere: ffmpeg-devel@ffmpeg.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: FFmpeg development discussions and patches <ffmpeg-devel.ffmpeg.org>
List-Unsubscribe: <https://ffmpeg.org/mailman/options/ffmpeg-devel>,
<mailto:ffmpeg-devel-request@ffmpeg.org?subject=unsubscribe>
List-Archive: <https://ffmpeg.org/pipermail/ffmpeg-devel>
List-Post: <mailto:ffmpeg-devel@ffmpeg.org>
List-Help: <mailto:ffmpeg-devel-request@ffmpeg.org?subject=help>
List-Subscribe: <https://ffmpeg.org/mailman/listinfo/ffmpeg-devel>,
<mailto:ffmpeg-devel-request@ffmpeg.org?subject=subscribe>
Reply-To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Cc: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: ffmpeg-devel-bounces@ffmpeg.org
Sender: "ffmpeg-devel" <ffmpeg-devel-bounces@ffmpeg.org>
X-TUID: 0M1EmTXGLAMH
|
| Series |
[FFmpeg-devel,1/5] avformat/wtvdec: Don't truncate GUIDs
|
expand
|
| Context | Check | Description |
|---|---|---|
| andriy/make_x86 | success | Make finished |
| andriy/make_fate_x86 | success | Make fate finished |
diff --git a/libavformat/wtvdec.c b/libavformat/wtvdec.c index 2de6dc2103..4ce4b6403e 100644 --- a/libavformat/wtvdec.c +++ b/libavformat/wtvdec.c @@ -468,7 +468,7 @@ static void get_tag(AVFormatContext *s, AVIOContext *pb, const char *key, int ty return; } - buf_size = FFMAX(2*length, LEN_PRETTY_GUID) + 1; + buf_size = FFMIN(FFMAX(2U * length, LEN_PRETTY_GUID) + 1, INT_MAX); buf = av_malloc(buf_size); if (!buf) return;
Happens when length > INT_MAX / 2; use unsigned for the computation, but restrict the value to INT_MAX, because avio_get_str16le() accepts an int as buf_len argument. Notice that it can happen that the string read by avio_get_str16le() is truncated in this case. Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com> --- libavformat/wtvdec.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)