aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMichael Niedermayer <michael@niedermayer.cc>2019-07-11 23:23:07 +0200
committerMichael Niedermayer <michael@niedermayer.cc>2019-08-05 17:54:24 +0200
commit549fcba8fc83330763ccd3cc67233037c96bc6d9 (patch)
treef269c1cbb1dd2e6fe109e1855a9746a04cb1714c
parent3c06ba171697b665ef4b2b47fe0008199b3eff86 (diff)
downloadffmpeg-549fcba8fc83330763ccd3cc67233037c96bc6d9.tar.gz
avcodec/dirac_parser: Fix overflow in dts
Fixes: signed integer overflow: -2147483648 - 1 cannot be represented in type 'int' Fixes: 15568/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-5634719611355136 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Diffstat
-rw-r--r--libavcodec/dirac_parser.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/libavcodec/dirac_parser.c b/libavcodec/dirac_parser.c
index 1ade44a438..fbc7414c79 100644
--- a/libavcodec/dirac_parser.c
+++ b/libavcodec/dirac_parser.c
@@ -212,7 +212,7 @@ static int dirac_combine_frame(AVCodecParserContext *s, AVCodecContext *avctx,
if (parse_timing_info && pu1.prev_pu_offset >= 13) {
uint8_t *cur_pu = pc->buffer +
pc->index - 13 - pu1.prev_pu_offset;
- int pts = AV_RB32(cur_pu + 13);
+ int64_t pts = AV_RB32(cur_pu + 13);
if (s->last_pts == 0 && s->last_dts == 0)
s->dts = pts - 1;
else
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-25 10:16:38 +0000