diff options
author | Michael Niedermayer <michael@niedermayer.cc> | 2022-11-05 19:57:21 +0100 |
---|---|---|
committer | Michael Niedermayer <michael@niedermayer.cc> | 2023-01-12 15:44:41 +0100 |
commit | 977028f9f4f40efcac3ec9d6c226349dd0020b90 (patch) | |
tree | 8d259c89d662d2291be957ca97a37c367e3e1c0d /libavformat/urldecode.c | |
parent | 9f0602a717c3939529bfe49734f3d8029dc36625 (diff) | |
download | ffmpeg-977028f9f4f40efcac3ec9d6c226349dd0020b90.tar.gz |
avcodec/bonk: Avoid undefined overflow in quant
Fixes: signed integer overflow: -2889074 * 2048 cannot be represented in type 'int'
Fixes: 51363/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_BONK_fuzzer-5660734784143360
Fixes: 48567/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_BONK_fuzzer-6617680050520064
Fixes: 48567/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_BONK_fuzzer-6743951854141440
No check is done for the overflow as this was rejected in last review, see the ML
Note: the 2nd and 3rd testcase was assigned by ossfuzz to a unrelated theora issue (48567)
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Diffstat (limited to 'libavformat/urldecode.c')
0 files changed, 0 insertions, 0 deletions