[FFmpeg-cvslog] avcodec/avpacket: use size_t, fix potential integer overflow

[Michael Niedermayer]

ffmpeg | branch: master | Michael Niedermayer <michaelni at gmx.at> | Wed Nov 20 16:47:00 2013 +0100| [fcb1b0078d3810aa2d9270e1095c8b5835fc5667] | committer: Michael Niedermayer

avcodec/avpacket: use size_t, fix potential integer overflow

Signed-off-by: Michael Niedermayer <michaelni at gmx.at>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=fcb1b0078d3810aa2d9270e1095c8b5835fc5667
---

 libavcodec/avpacket.c |    6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/libavcodec/avpacket.c b/libavcodec/avpacket.c
index e30845c..88ec0be 100644
--- a/libavcodec/avpacket.c
+++ b/libavcodec/avpacket.c
@@ -437,12 +437,12 @@ uint8_t *av_packet_pack_dictionary(AVDictionary *dict, int *size)
         return NULL;
 
     while ((t = av_dict_get(dict, "", t, AV_DICT_IGNORE_SUFFIX))) {
-        const int keylen = strlen(t->key);
-        const int valuelen = strlen(t->value);
+        const size_t keylen   = strlen(t->key);
+        const size_t valuelen = strlen(t->value);
         const size_t new_size = *size + keylen + 1 + valuelen + 1;
         uint8_t *const new_data = av_realloc(data, new_size);
 
-        if (!new_data)
+        if (!new_data || new_size > INT_MAX)
             goto fail;
         data = new_data;