On Thu, 14 Jan 2021, Michael Niedermayer wrote:
Fixes: signed integer overflow: -9223372053736 * 1000000 cannot be represented
in type 'long'
Fixes:
26910/clusterfuzz-testcase-minimized-ffmpeg_dem_CONCAT_fuzzer-6607924558430208
Found-by: continuous fuzzing process
https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
---
libavutil/parseutils.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavutil/parseutils.c b/libavutil/parseutils.c
index 167e822648..6161f4ac95 100644
--- a/libavutil/parseutils.c
+++ b/libavutil/parseutils.c
@@ -736,7 +736,7 @@ int av_parse_time(int64_t *timeval, const char *timestr,
int duration)
if (*q)
return AVERROR(EINVAL);
- if (INT64_MAX / suffix < t)
+ if (t < 0 || INT64_MAX / suffix < t)
This does not look right, because a negative t can mean a date before
1970.
Regards,
Marton
return AVERROR(ERANGE);
t *= suffix;
if (INT64_MAX - microseconds < t)
--
2.17.1
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
