On Mon, Nov 18, 2024 at 10:26:37AM -0300, James Almer wrote:
> On 11/18/2024 4:37 AM, Rémi Denis-Courmont wrote:
> > Hi,
> > 
> > Le 18 novembre 2024 05:09:11 GMT+02:00, Michael Niedermayer 
> > <mich...@niedermayer.cc> a écrit :
> > > Fixes: signed integer overflow: 10 * -1923267925333400000 cannot be 
> > > represented in type 'int64_t' (aka 'long')
> > > Fixes: 
> > > 378891963/clusterfuzz-testcase-minimized-fuzzer_loadfile_direct-5714338935013376
> > > Found-by: ossfuzz
> > > Reported-by: Kacper Michajlow <kaspe...@gmail.com>
> > > Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
> > > ---
> > > libavformat/rpl.c | 2 +-
> > > 1 file changed, 1 insertion(+), 1 deletion(-)
> > > 
> > > diff --git a/libavformat/rpl.c b/libavformat/rpl.c
> > > index e971d0588f3..b30d769efb2 100644
> > > --- a/libavformat/rpl.c
> > > +++ b/libavformat/rpl.c
> > > @@ -102,7 +102,7 @@ static AVRational read_fps(const char* line, int* 
> > > error)
> > >          line++;
> > >      for (; *line>='0' && *line<='9'; line++) {
> > >          // Truncate any numerator too large to fit into an int64_t
> > > -        if (num > (INT64_MAX - 9) / 10 || den > INT64_MAX / 10)
> > > +        if (num > (INT64_MAX - 9) / 10ULL || den > INT64_MAX / 10ULL)
> > >              break;
> > >          num  = 10 * num + (*line - '0');
> > >          den *= 10;
> > 
> > We have ckd_mul() for this, AFAIK. Easier to read, easier to write and also 
> > easier for the compiler to optimise correctly.
> 
> Not yet, i haven't pushed my compat header patch.

if noone is against it, then i intend to apply the patch soon
it can easily be backported too.

thx

[...]

-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

The greatest way to live with honor in this world is to be what we pretend
to be. -- Socrates

Attachment: signature.asc
Description: PGP signature

_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".

Reply via email to