[FFmpeg-devel] [PATCH] avcodec/dvbsubdec: Use ff_set_dimensions()
Michael Niedermayer
michael at niedermayer.cc
Sat Jul 20 01:54:51 EEST 2019
Fixes: signed integer overflow: 65313 * 65313 cannot be represented in type 'int'
Fixes: 15740/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DVBSUB_fuzzer-5641749164195840
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
---
libavcodec/dvbsubdec.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/libavcodec/dvbsubdec.c b/libavcodec/dvbsubdec.c
index bc4a17bde0..6e7e13b6eb 100644
--- a/libavcodec/dvbsubdec.c
+++ b/libavcodec/dvbsubdec.c
@@ -1578,8 +1578,9 @@ static int dvbsub_parse_display_definition_segment(AVCodecContext *avctx,
display_def->width = bytestream_get_be16(&buf) + 1;
display_def->height = bytestream_get_be16(&buf) + 1;
if (!avctx->width || !avctx->height) {
- avctx->width = display_def->width;
- avctx->height = display_def->height;
+ int ret = ff_set_dimensions(avctx, display_def->width, display_def->height);
+ if (ret < 0)
+ return ret;
}
if (info_byte & 1<<3) { // display_window_flag
--
2.22.0
More information about the ffmpeg-devel
mailing list