This is an automated email from the git hooks/post-receive script. Git pushed a commit to branch release/8.1 in repository ffmpeg.
commit 182bc42768bf936904e0a757025a0180a5c0e121 Author: Michael Niedermayer <[email protected]> AuthorDate: Mon May 18 23:37:12 2026 +0200 Commit: Michael Niedermayer <[email protected]> CommitDate: Sun Jun 14 04:40:52 2026 +0200 avformat/flvdec: Check size at the top of the main loop Fixes: signed integer overflow Fixes: ffmpeg_flv_read_packet_libavformat_flvdec.c_1900_26.poc Found-by: iceray-Li Signed-off-by: Michael Niedermayer <[email protected]> (cherry picked from commit cc1459ed8559307bf94326343b7d4fbd64cc7d5e) Signed-off-by: Michael Niedermayer <[email protected]> --- libavformat/flvdec.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/libavformat/flvdec.c b/libavformat/flvdec.c index 6d6c541931..45fd1b2fb3 100644 --- a/libavformat/flvdec.c +++ b/libavformat/flvdec.c @@ -1559,6 +1559,10 @@ skip: for (;;) { int track_size = size; + if (size < 0) { + ret = FFERROR_REDO; + goto leave; + } if (multitrack_type != MultitrackTypeOneTrack) { track_size = avio_rb24(s->pb); _______________________________________________ ffmpeg-cvslog mailing list -- [email protected] To unsubscribe send an email to [email protected]
