[FFmpeg-devel] [PATCH 4/5] avcodec/alsdec: Fix integer overflows of raw_samples in decode_var_block_data()

Michael Niedermayer michael at niedermayer.cc
Sun Aug 11 17:45:48 EEST 2019


On Fri, Jul 26, 2019 at 06:26:07PM +0200, Michael Niedermayer wrote:
> This also makes the code consistent with the existing similar MUL64()
> in decode_var_block_data()
> 
> Fixes: signed integer overflow: -7277630735906765035 + -3272193951413647896 cannot be represented in type 'long'
> Fixes: 16015/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALS_fuzzer-5666552818434048
> 
> Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> ---
>  libavcodec/alsdec.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)

will apply

[...]
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

The misfortune of the wise is better than the prosperity of the fool.
-- Epicurus
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: not available
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20190811/6f6cad63/attachment.sig>


More information about the ffmpeg-devel mailing list