[FFmpeg-devel] [PATCH 17/22] avformat/xmv: Check this_packet_size

Thu, 11 Jul 2024 16:36:57 -0700 

Fixes: CID1604489 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
---
 libavformat/xmv.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/libavformat/xmv.c b/libavformat/xmv.c
index e103b2368ea..ed59f7b85bd 100644
--- a/libavformat/xmv.c
+++ b/libavformat/xmv.c
@@ -221,6 +221,8 @@ static int xmv_read_header(AVFormatContext *s)
     /* Initialize the packet context */
 
     xmv->next_packet_offset = avio_tell(pb);
+    if (this_packet_size < xmv->next_packet_offset)
+        return AVERROR_INVALIDDATA;
     xmv->next_packet_size   = this_packet_size - xmv->next_packet_offset;
     xmv->stream_count       = xmv->audio_track_count + 1;
 
-- 
2.45.2

_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".

Reply via email to