[FFmpeg-cvslog] cafdec: fix overflow checking in read_header()
Xi Wang
git at videolan.org
Sun Jan 20 21:36:22 CET 2013
ffmpeg | branch: master | Xi Wang <xi.wang at gmail.com> | Sun Jan 20 15:26:12 2013 -0500| [64b7e7dcaf21bd3c9f644446c59acdac6a95892f] | committer: Michael Niedermayer
cafdec: fix overflow checking in read_header()
Several compilers such as clang/icc/pathscale will optimize the check
pos + size < pos (assuming size > 0) into false, since signed integer
overflow is undefined behavior in C. This breaks overflow checking.
Use a safe precondition check instead.
Signed-off-by: Xi Wang <xi.wang at gmail.com>
Signed-off-by: Michael Niedermayer <michaelni at gmx.at>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=64b7e7dcaf21bd3c9f644446c59acdac6a95892f
---
libavformat/cafdec.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavformat/cafdec.c b/libavformat/cafdec.c
index f12226a..337758e 100644
--- a/libavformat/cafdec.c
+++ b/libavformat/cafdec.c
@@ -300,7 +300,7 @@ static int read_header(AVFormatContext *s)
}
if (size > 0) {
- if (pos + size < pos)
+ if (pos > INT64_MAX - size)
return AVERROR_INVALIDDATA;
avio_skip(pb, FFMAX(0, pos + size - avio_tell(pb)));
}
More information about the ffmpeg-cvslog
mailing list