This is an automated email from the git hooks/post-receive script.
Git pushed a commit to branch master
in repository ffmpeg.
The following commit(s) were added to refs/heads/master by this push:
new 63958ce2b5 avcodec/apac: Check bitstream_size to avoid integer overflow
63958ce2b5 is described below
commit 63958ce2b5dd1b22f534fc968c86329cbbceef07
Author: Anxious Koisi <[email protected]>
AuthorDate: Sun Jun 28 23:03:25 2026 +0200
Commit: michaelni <[email protected]>
CommitDate: Fri Jul 3 01:51:06 2026 +0000
avcodec/apac: Check bitstream_size to avoid integer overflow
Found-by: k00shi_
Fixes: OOM
Fixes: poc.c
Fixes: XMkAe1I9uFro
---
libavcodec/apac.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/libavcodec/apac.c b/libavcodec/apac.c
index 00e48e7635..ea3b93359d 100644
--- a/libavcodec/apac.c
+++ b/libavcodec/apac.c
@@ -140,6 +140,9 @@ static int apac_decode(AVCodecContext *avctx, AVFrame
*frame,
buf_size = pkt->size;
input_buf_size = buf_size;
+ if ((int64_t)s->bitstream_size + buf_size > INT_MAX / (16 * 8))
+ return AVERROR_INVALIDDATA;
+
if (s->bitstream_index > 0 && s->bitstream_size > 0) {
memmove(s->bitstream, &s->bitstream[s->bitstream_index],
s->bitstream_size);
s->bitstream_index = 0;
_______________________________________________
ffmpeg-cvslog mailing list -- [email protected]
To unsubscribe send an email to [email protected]