[FFmpeg-devel] [PATCH 2/3] avcodec/alsdec: Fix integer overflow in decode_var_block_data()
Michael Niedermayer
michael at niedermayer.cc
Tue Aug 20 17:59:05 EEST 2019
On Mon, Aug 19, 2019 at 07:41:56AM +0200, Thilo Borgmann wrote:
> Am 19.08.19 um 01:30 schrieb Michael Niedermayer:
> > Fixes: signed integer overflow: 1927975249 - -514719744 cannot be represented in type 'int'
> > Fixes: 16413/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALS_fuzzer-5651206856245248
> >
> > Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> > Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> > ---
> > libavcodec/alsdec.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/libavcodec/alsdec.c b/libavcodec/alsdec.c
> > index 425cf73be9..4794556aad 100644
> > --- a/libavcodec/alsdec.c
> > +++ b/libavcodec/alsdec.c
> > @@ -953,7 +953,7 @@ static int decode_var_block_data(ALSDecContext *ctx, ALSBlockData *bd)
> >
> > // reconstruct difference signal for prediction (joint-stereo)
> > if (bd->js_blocks && bd->raw_other) {
> > - int32_t *left, *right;
> > + uint32_t *left, *right;
> >
> > if (bd->raw_other > raw_samples) { // D = R - L
> > left = raw_samples;
> >
>
> LGTM
will apply
thx
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
If you drop bombs on a foreign country and kill a hundred thousand
innocent people, expect your government to call the consequence
"unprovoked inhuman terrorist attacks" and use it to justify dropping
more bombs and killing more people. The technology changed, the idea is old.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: not available
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20190820/597f8ac0/attachment.sig>
More information about the ffmpeg-devel
mailing list