On Tue, Jun 23, 2020 at 02:08:44PM +0200, Nicolas George wrote: > Michael Niedermayer (12020-06-23): > > Fixes; signed integer overflow: 1 - -9223372036854775808 cannot be > > represented in type 'long' > > Fixes: > > 23490/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5133490093031424 > > > > Found-by: continuous fuzzing process > > https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg > > Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> > > --- > > libavformat/subtitles.c | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/libavformat/subtitles.c b/libavformat/subtitles.c > > index ad7f68938e..ccab80391f 100644 > > --- a/libavformat/subtitles.c > > +++ b/libavformat/subtitles.c > > @@ -202,7 +202,7 @@ void ff_subtitles_queue_finalize(void *log_ctx, > > FFDemuxSubtitlesQueue *q) > > q->sort == SUB_SORT_TS_POS ? cmp_pkt_sub_ts_pos > > : cmp_pkt_sub_pos_ts); > > for (i = 0; i < q->nb_subs; i++) > > - if (q->subs[i].duration < 0 && i < q->nb_subs - 1) > > + if (q->subs[i].duration < 0 && i < q->nb_subs - 1 && > > q->subs[i].pts != AV_NOPTS_VALUE) > > q->subs[i].duration = q->subs[i + 1].pts - q->subs[i].pts; > > > > if (!q->keep_duplicates) > > Having no PTS at this point makes no sense. We should examine why it > arrived there.
it comes from microdvddec in this case, it can be fixed for example
with the following: (i do not know if these are all cases which can
generate this)
commit 06eff32c6e4100b70a3a215a0756580a6fa124b5 (HEAD -> master)
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Tue Jun 23 01:43:14 2020 +0200
iavformat/microdvddec: Skip NOPTS values
Fixes; signed integer overflow: 1 - -9223372036854775808 cannot be
represented in type 'long'
Fixes:
23490/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5133490093031424
Found-by: continuous fuzzing process
https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
diff --git a/libavformat/microdvddec.c b/libavformat/microdvddec.c
index 8759200f88..1f871b2518 100644
--- a/libavformat/microdvddec.c
+++ b/libavformat/microdvddec.c
@@ -94,6 +94,7 @@ static int microdvd_read_header(AVFormatContext *s)
int64_t pos = avio_tell(s->pb);
int len = ff_get_line(s->pb, line_buf, sizeof(line_buf));
char *line = line_buf;
+ int64_t pts;
if (!strncmp(line, bom, 3))
line += 3;
@@ -137,13 +138,16 @@ static int microdvd_read_header(AVFormatContext *s)
SKIP_FRAME_ID;
if (!*p)
continue;
+ pts = get_pts(line);
+ if (pts == AV_NOPTS_VALUE)
+ continue;
sub = ff_subtitles_queue_insert(µdvd->q, p, strlen(p), 0);
if (!sub) {
ret = AVERROR(ENOMEM);
goto fail;
}
sub->pos = pos;
- sub->pts = get_pts(line);
+ sub->pts = pts;
sub->duration = get_duration(line);
}
ff_subtitles_queue_finalize(s, µdvd->q);
> Can you share the test case?
Ill send you the file privatly
thx
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
I do not agree with what you have to say, but I'll defend to the death your
right to say it. -- Voltaire
signature.asc
Description: PGP signature
_______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
