On Mon, Nov 18, 2024 at 10:26:37AM -0300, James Almer wrote:
> On 11/18/2024 4:37 AM, Rémi Denis-Courmont wrote:
> > Hi,
> >
> > Le 18 novembre 2024 05:09:11 GMT+02:00, Michael Niedermayer
> > <mich...@niedermayer.cc> a écrit :
> > > Fixes: signed integer overflow: 10 * -1923267925333400000 cannot be
> > > represented in type 'int64_t' (aka 'long')
> > > Fixes:
> > > 378891963/clusterfuzz-testcase-minimized-fuzzer_loadfile_direct-5714338935013376
> > > Found-by: ossfuzz
> > > Reported-by: Kacper Michajlow <kaspe...@gmail.com>
> > > Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
> > > ---
> > > libavformat/rpl.c | 2 +-
> > > 1 file changed, 1 insertion(+), 1 deletion(-)
> > >
> > > diff --git a/libavformat/rpl.c b/libavformat/rpl.c
> > > index e971d0588f3..b30d769efb2 100644
> > > --- a/libavformat/rpl.c
> > > +++ b/libavformat/rpl.c
> > > @@ -102,7 +102,7 @@ static AVRational read_fps(const char* line, int*
> > > error)
> > > line++;
> > > for (; *line>='0' && *line<='9'; line++) {
> > > // Truncate any numerator too large to fit into an int64_t
> > > - if (num > (INT64_MAX - 9) / 10 || den > INT64_MAX / 10)
> > > + if (num > (INT64_MAX - 9) / 10ULL || den > INT64_MAX / 10ULL)
> > > break;
> > > num = 10 * num + (*line - '0');
> > > den *= 10;
> >
> > We have ckd_mul() for this, AFAIK. Easier to read, easier to write and also
> > easier for the compiler to optimise correctly.
>
> Not yet, i haven't pushed my compat header patch.if noone is against it, then i intend to apply the patch soon it can easily be backported too. thx [...] -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB The greatest way to live with honor in this world is to be what we pretend to be. -- Socrates
signature.asc
Description: PGP signature
_______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
