On Sun, Jun 27, 2021 at 08:22:12PM +0200, Nicolas George wrote: > James Almer (12021-06-25): > > Afaics, it checks the very first character to be < '0' || > '9' for both > > hours and minutes, so strtol() is not going to see a '-'. > > Is there supposed to be one for seconds in valid files? If not, the same > > check could be done and ensure no negative value is parsed. > > No, valid files cannot have negative times. > > Also, I think with the time that adding this format was a misguided > idea. I suspect nobody uses it. We could just remove it.
maybe you could go over the parsing/reading of values in it and add appropriate checks for all. This would likely cut down on the amount of integer issues, and someone like you who knows the format well can likely do this faster than others like me fixing one issue found by the fuzzers at a time Thanks [...] -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB Republics decline into democracies and democracies degenerate into despotisms. -- Aristotle
signature.asc
Description: PGP signature
_______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
