From: headshog
---
libavformat/svs.c | 7 ++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/libavformat/svs.c b/libavformat/svs.c
index b91d29f5a6..bdfb856184 100644
--- a/libavformat/svs.c
+++ b/libavformat/svs.c
@@ -42,6 +42,7 @@ static int svs_read_header(AVFormatContext *s
From: headshog
---
libavformat/svs.c | 7 ++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/libavformat/svs.c b/libavformat/svs.c
index b91d29f5a6..bdfb856184 100644
--- a/libavformat/svs.c
+++ b/libavformat/svs.c
@@ -42,6 +42,7 @@ static int svs_read_header(AVFormatContext *s
From: headshog
---
0001-Fixed-not-it-is-in-the-right-place.patch | 89 +++
0001-Numeric-truncation-in-svs.c-57.patch | 41 +
libavformat/svs.c | 7 +-
3 files changed, 136 insertions(+), 1 deletion(-)
create mode 100644 0001-Fixed-not-it-
From: headshog
Hi! We've been fuzzing `ffmpeg` with
[sydr-fuzz](https://github.com/ispras/oss-sydr-fuzz) security predicates and we
found numeric truncation error in `svs.c:57`.
In function `svs_read_header` on line 57 field `st->codecpar->sample_rate` has
type `int`, the type of return value
On 2023-09-20 15:29, Paul B Mahol wrote:
Unacceptable code changes as that Breaks ABI/API.
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-re
From: headshog
In function `svs_read_header` on line 57 field `st->codecpar->sample_rate` has
type `int`, the type of return value in `av_rescale_rnd` function is
`uint64_t`, so the numeric truncation may occur here. Then value of
`st->codecpar->sample_rate` is passed to `avpriv_set_pts_info`
