avformat/mov: Fix signed integer overflows with total_size

Signed integer overflow is undefined behavior. Detected with clang and -fsanitize=signed-integer-overflow Signed-off-by: Vitaly Buka <vitalybuka@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 4a404cb5b90b878cbe1bb528fac65cf508668cc5) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
author: Vitaly Buka <vitalybuka-at-google.com@ffmpeg.org> 2017-08-20 11:56:47 -0700
committer: Michael Niedermayer <michael@niedermayer.cc> 2017-08-24 12:03:51 +0200
commit: 64af458bb86288edd640795d346cee6a7327f799 (patch)
tree: 984c6ead52abe66cf392d8dac3d9ade83807fdbb
parent: 616154a6a5352cbf3685f3bb494df8b5f4a8ebc0 (diff)
download: ffmpeg-64af458bb86288edd640795d346cee6a7327f799.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/libavformat/mov.c b/libavformat/mov.c
index b06e9c84ae..cff3c7017f 100644
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -4255,7 +4255,7 @@ static int mov_read_default(MOVContext *c, AVIOContext *pb, MOVAtom atom)
 
     if (atom.size < 0)
         atom.size = INT64_MAX;
-    while (total_size + 8 <= atom.size && !avio_feof(pb)) {
+    while (total_size <= atom.size - 8 && !avio_feof(pb)) {
         int (*parse)(MOVContext*, AVIOContext*, MOVAtom) = NULL;
         a.size = atom.size;
         a.type=0;
author	Vitaly Buka <vitalybuka-at-google.com@ffmpeg.org>	2017-08-20 11:56:47 -0700
committer	Michael Niedermayer <michael@niedermayer.cc>	2017-08-24 12:03:51 +0200
commit	64af458bb86288edd640795d346cee6a7327f799 (patch)
tree	984c6ead52abe66cf392d8dac3d9ade83807fdbb
parent	616154a6a5352cbf3685f3bb494df8b5f4a8ebc0 (diff)
download	ffmpeg-64af458bb86288edd640795d346cee6a7327f799.tar.gz