From patchwork Tue Jul 9 11:36:26 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Niedermayer X-Patchwork-Id: 50436 Delivered-To: ffmpegpatchwork2@gmail.com Received: by 2002:a05:612c:fad:b0:482:c625:d099 with SMTP id kf13csp304412vqb; Tue, 9 Jul 2024 04:36:43 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCXSqEHexW997x042Z7B/maq8qL/AuTgkQMkaRB+bcXZhc2sUCbQhw4ds8unFNHJ+lnmw/qQNJx/ibbQqow7BlOEoJOXQPZxrs8Isw== X-Google-Smtp-Source: AGHT+IHZWy63g65FvzcoPfx4fnRB/FWwQYqRXqKWBpvPFXqNUnVdyPq1LMeOBWXsCEc/zta0Qx1c X-Received: by 2002:a05:6402:50c8:b0:58e:3501:5c25 with SMTP id 4fb4d7f45d1cf-594baf8d6dbmr1894839a12.13.1720525003394; Tue, 09 Jul 2024 04:36:43 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1720525003; cv=none; d=google.com; s=arc-20160816; b=AEctIE2BHA0dGM7UuH8I6BWB/YKAGZTi7C9U9AWqwbO582fnzhNx8axz3TmAdsJpQS JZGi3JR2bdtGUZ8AktW9RA7wkJJsuJqYP2UvBVJXO48O6UiPqMxENgWkRY/55TPp5cPX VwuDzOR0FwEtLqHwVWRsxGP/pNbARqSn6g1LuvwlBttuX5zvMF/X6TE0kndppN6vPDfg /9YOSeZ5w6Bge4H/cxYnJ4bCzydhNFPzw1T457UVH5+SJR7iblVqT9PODhb6h7RRkCli AXgU5li+TBgNno1GSJQErpk6IYT+sE43qAz36IUISIWf7a7bSJDymJP/8lgC/6K3+kl0 pWKg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:reply-to:list-subscribe :list-help:list-post:list-archive:list-unsubscribe:list-id :precedence:subject:mime-version:message-id:date:to:from :dkim-signature:delivered-to; bh=IaEEcU/DjheBbORpdpDYrKIoPcx9lG3q114/KK7vCF4=; fh=e5zN9xSzcxLA6bGo3lF+CqTbY/oLwzApV03EO/RBfgQ=; b=Mp/MZKi2w2/WJcFL4Lp1G3XA0Esvegk1oerQqICeRkV9TFUp6pwzwGFUlLeFOgB5j2 SQCXL35uj8P9svP4ibKMK7WM0qveQq4+3f4AMRR1T/ILa0zDDBVysA/EHuYwI5Oi2xq2 saZlM43vNKEP0z5fHW/oaYYvnVWNaCBNDsQRxIJe0kSXGB1XHJ3svzh0oi9tAVBgX1sW NIR/Jr243OQoThMK2AiBHxGBJ5fnZZGMDNBpE1IoYqF2bPIYJElGBg0oq6swxVmhCzOl 9ah6BJ97An2YQEj2gGNJ6zzfwn9VWsrn8fpIlA0kn1roOaqB3OlD0C5yYrxdcwrIu7aR pU0g==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@niedermayer.cc header.s=gm1 header.b=eOCzoE1c; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id 4fb4d7f45d1cf-594be92abd1si915287a12.639.2024.07.09.04.36.43; Tue, 09 Jul 2024 04:36:43 -0700 (PDT) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@niedermayer.cc header.s=gm1 header.b=eOCzoE1c; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 46A9A68DC80; Tue, 9 Jul 2024 14:36:35 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from relay8-d.mail.gandi.net (relay8-d.mail.gandi.net [217.70.183.201]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id B9B6F68DC67 for ; Tue, 9 Jul 2024 14:36:28 +0300 (EEST) Received: by mail.gandi.net (Postfix) with ESMTPSA id CD64D1BF209 for ; Tue, 9 Jul 2024 11:36:27 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=niedermayer.cc; s=gm1; t=1720524987; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=ilfzXVDGvYYznOZKM68h0JYFqIi0vbKXXnpZcqfLjhY=; b=eOCzoE1c+MO0BZpFWuRbb6HlxHKRHOo15sGxYtgKNmSdy6lNgBLHAhoUukBzHIixODYyvu BZ1Ms27eEJLYNJJ7FlXzO6mgaAW7ib07m5e8BQWYhGaLKZMQGaTq5fS1x9TpHjHgHfAuT3 3xPNQwWB8qclVRFxH5ulQSl/LiihTjPHYo9bN2xveQxRZG9qUA+f0/b/6GxXMEJ1MH9v1n pd8KOLw9t+Ym1h7biZ+te/YfZywhkjIgSUfvdU5OjH+Z3hCvCNvR5h7bOHEjAiY7vPDIiV SEeHRL6v0UaxcAMceQni31kxJplWc0na4xUhfcAq63/WyM6I8K+F5NI19VSuGQ== From: Michael Niedermayer To: FFmpeg development discussions and patches Date: Tue, 9 Jul 2024 13:36:26 +0200 Message-ID: <20240709113626.1836680-1-michael@niedermayer.cc> X-Mailer: git-send-email 2.45.2 MIME-Version: 1.0 X-GND-Sasl: michael@niedermayer.cc Subject: [FFmpeg-devel] [PATCH] avutil/imgutils: av_image_check_size2() ensure width and height fit in 32bit X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" X-TUID: BFPaOsHRAwHa on "INT is 64bit" systems they may have been false Signed-off-by: Michael Niedermayer --- libavutil/imgutils.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libavutil/imgutils.c b/libavutil/imgutils.c index d2463815637..b738cff37c2 100644 --- a/libavutil/imgutils.c +++ b/libavutil/imgutils.c @@ -298,7 +298,7 @@ int av_image_check_size2(unsigned int w, unsigned int h, int64_t max_pixels, enu stride = 8LL*w; stride += 128*8; - if ((int)w<=0 || (int)h<=0 || stride >= INT_MAX || stride*(uint64_t)(h+128) >= INT_MAX) { + if (w==0 || h==0 || w > INT32_MAX || h > INT32_MAX || stride >= INT_MAX || stride*(uint64_t)(h+128) >= INT_MAX) { av_log(&imgutils, AV_LOG_ERROR, "Picture size %ux%u is invalid\n", w, h); return AVERROR(EINVAL); }