On Thu, Sep 16, 2021 at 05:02:53PM +1000, Peter Ross wrote: > On Wed, Sep 15, 2021 at 10:00:46PM +0200, Michael Niedermayer wrote: > > Fixes: signed integer overflow: -682581959642593728 * 16 cannot be > > represented in type 'long' > > Fixes: > > 37883/clusterfuzz-testcase-minimized-ffmpeg_dem_MV_fuzzer-5311691517198336 > > > > Found-by: continuous fuzzing process > > https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg > > Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> > > --- > > libavformat/mvdec.c | 5 +++-- > > 1 file changed, 3 insertions(+), 2 deletions(-) > > > > diff --git a/libavformat/mvdec.c b/libavformat/mvdec.c > > index b1450e08da9..7573087c7cc 100644 > > --- a/libavformat/mvdec.c > > +++ b/libavformat/mvdec.c > > @@ -156,9 +156,10 @@ static int parse_audio_var(AVFormatContext *avctx, > > AVStream *st, > > } else if (!strcmp(name, "NUM_CHANNELS")) { > > return set_channels(avctx, st, var_read_int(pb, size)); > > } else if (!strcmp(name, "SAMPLE_RATE")) { > > - st->codecpar->sample_rate = var_read_int(pb, size); > > - if (st->codecpar->sample_rate <= 0) > > + int sample_rate = var_read_int(pb, size); > > + if (sample_rate <= 0) > > return AVERROR_INVALIDDATA; > > + st->codecpar->sample_rate = sample_rate; > > avpriv_set_pts_info(st, 33, 1, st->codecpar->sample_rate); > > } else if (!strcmp(name, "SAMPLE_WIDTH")) { > > uint64_t bpc = var_read_int(pb, size) * (uint64_t)8; > > please apply
will do thx [...] -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB Concerning the gods, I have no means of knowing whether they exist or not or of what sort they may be, because of the obscurity of the subject, and the brevity of human life -- Protagoras
signature.asc
Description: PGP signature
_______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
