[FFmpeg-devel] [PATCH 17/22] avformat/xmv: Check this_packet_size
Michael Niedermayer
michael at niedermayer.cc
Fri Jul 12 02:34:11 EEST 2024
Fixes: CID1604489 Overflowed constant
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
---
libavformat/xmv.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/libavformat/xmv.c b/libavformat/xmv.c
index e103b2368ea..ed59f7b85bd 100644
--- a/libavformat/xmv.c
+++ b/libavformat/xmv.c
@@ -221,6 +221,8 @@ static int xmv_read_header(AVFormatContext *s)
/* Initialize the packet context */
xmv->next_packet_offset = avio_tell(pb);
+ if (this_packet_size < xmv->next_packet_offset)
+ return AVERROR_INVALIDDATA;
xmv->next_packet_size = this_packet_size - xmv->next_packet_offset;
xmv->stream_count = xmv->audio_track_count + 1;
--
2.45.2
More information about the ffmpeg-devel
mailing list