On Thu, May 08, 2025 at 11:57:33PM +0200, Michael Niedermayer wrote:
> The code uses int, unsigned int and uint16_t to store num_entry_point_offsets.
> This limits it to the smallest of the 3.
> Alternatively uint16_t can be changed and then a larger limit used.
> A check will still be needed.
> 
> Fixes: 391974932/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HEVC_fuzzer-5966648879677440
> Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int'
> 
> Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
> ---
>  libavcodec/hevc/hevcdec.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)

will apply

[...]
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

If one takes all money from those who grow wealth and gives it to those who
do not grow wealth, 10 years later, almost the same people who were wealthy
will be wealthy again, the same people who were poor will be poor again.

_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
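
The width mismatch described in the quoted commit message, as an added example that is not FFmpeg's code and not part of the original mail: one parsed count is kept as int, unsigned int and uint16_t, and is range-checked against the narrowest of the three before it is stored. The struct, the function names and the sample values are hypothetical.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical holder: one parsed count kept in the three types the
 * commit message names. Field and function names are illustrative. */
typedef struct {
    int      as_int;   /* signed arithmetic such as count + 1 */
    unsigned as_uint;  /* loop bounds */
    uint16_t as_u16;   /* narrowest copy, 0..65535 */
} EntryCount;

/* Largest value all three types hold without changing it. */
#define ENTRY_COUNT_MAX UINT16_MAX

/* Range-check first, then store. Returns 0 on success, -1 on rejection. */
int store_entry_count(EntryCount *ec, uint32_t parsed)
{
    if (parsed > ENTRY_COUNT_MAX)
        return -1;
    ec->as_int  = (int)parsed;
    ec->as_uint = parsed;
    ec->as_u16  = (uint16_t)parsed;
    return 0;
}

/* What the 16-bit copy would hold if the check were skipped. */
uint16_t unchecked_u16(uint32_t parsed) { return (uint16_t)parsed; }

/* 1 when the value does not fit in int or value + 1 would overflow int. */
int int_plus_one_unsafe(uint32_t parsed) { return parsed >= (uint32_t)INT_MAX; }

int main(void)
{
    /* Constructed sample values, not taken from the fuzzer test case. */
    const uint32_t samples[] = { 3, 65535, 65536, 70000, 2147483647u };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        EntryCount ec = { 0 };
        int rc = store_entry_count(&ec, samples[i]);
        printf("%10u: %s, unchecked u16=%u, int+1 unsafe=%d\n",
               (unsigned)samples[i], rc ? "rejected" : "accepted",
               (unsigned)unchecked_u16(samples[i]),
               int_plus_one_unsafe(samples[i]));
    }
    return 0;
}
```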
