Hi,
Le 18 novembre 2024 05:09:11 GMT+02:00, Michael Niedermayer
<mich...@niedermayer.cc> a écrit :
>Fixes: signed integer overflow: 10 * -1923267925333400000 cannot be
>represented in type 'int64_t' (aka 'long')
>Fixes:
>378891963/clusterfuzz-testcase-minimized-fuzzer_loadfile_direct-5714338935013376
>Found-by: ossfuzz
>Reported-by: Kacper Michajlow <kaspe...@gmail.com>
>Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
>---
> libavformat/rpl.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
>diff --git a/libavformat/rpl.c b/libavformat/rpl.c
>index e971d0588f3..b30d769efb2 100644
>--- a/libavformat/rpl.c
>+++ b/libavformat/rpl.c
>@@ -102,7 +102,7 @@ static AVRational read_fps(const char* line, int* error)
> line++;
> for (; *line>='0' && *line<='9'; line++) {
> // Truncate any numerator too large to fit into an int64_t
>- if (num > (INT64_MAX - 9) / 10 || den > INT64_MAX / 10)
>+ if (num > (INT64_MAX - 9) / 10ULL || den > INT64_MAX / 10ULL)
> break;
> num = 10 * num + (*line - '0');
> den *= 10;
We have ckd_mul() for this, AFAIK. Easier to read, easier to write and also
easier for the compiler to optimise correctly.
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
