[FFmpeg-devel] [PATCH] libavformat/asfdec: Fix regression bug when reading image attachments

[Soft Works]

Commit c8140fe7324f264faacf7395b27e12531d1f13f7 had introduced a check for value_len > UINT16_MAX.
As a consequence, attached images of sizes larger than UINT16_MAX could no longer be read.

Signed-off-by: softworkz <softworkz at hotmail.com>
---
 libavformat/asfdec_f.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/libavformat/asfdec_f.c b/libavformat/asfdec_f.c
index f784e62996..708331637e 100644
--- a/libavformat/asfdec_f.c
+++ b/libavformat/asfdec_f.c
@@ -707,7 +707,8 @@ static int asf_read_metadata(AVFormatContext *s, int64_t size)
 {
     AVIOContext *pb = s->pb;
     ASFContext *asf = s->priv_data;
-    int n, stream_num, name_len_utf16, name_len_utf8, value_len;
+    int n, stream_num, name_len_utf16, name_len_utf8;
+	unsigned int value_len;
     int ret, i;
     n = avio_rl16(pb);
 
@@ -721,7 +722,7 @@ static int asf_read_metadata(AVFormatContext *s, int64_t size)
         value_type = avio_rl16(pb); /* value_type */
         value_len  = avio_rl32(pb);
 
-        if (value_len < 0 || value_len > UINT16_MAX)
+        if (value_len > INT32_MAX)
             return AVERROR_INVALIDDATA;
 
         name_len_utf8 = 2*name_len_utf16 + 1;
@@ -743,7 +744,7 @@ static int asf_read_metadata(AVFormatContext *s, int64_t size)
             if(stream_num < 128)
                 asf->dar[stream_num].den = aspect_y;
         } else {
-            get_tag(s, name, value_type, value_len, 16);
+            get_tag(s, name, value_type, (int)value_len, 16);
         }
         av_freep(&name);
     }
-- 
2.28.0.windows.1