[FFmpeg-cvslog] avformat/subfile: clip seek offset
Kacper Michajłow
git at videolan.org
Fri Jul 25 23:02:10 EEST 2025
ffmpeg | branch: master | Kacper Michajłow <kasper93 at gmail.com> | Fri Jul 11 21:44:33 2025 +0200| [e29016a9de8cf9a15569bdcea6e68c8e9ba2f299] | committer: Kacper Michajłow
avformat/subfile: clip seek offset
Fixes: signed integer overflow: 9223372036854737920 + 1649410 cannot be
represented in type 'int64_t'
Fixes OSS-Fuzz: 410100610
Signed-off-by: Kacper Michajłow <kasper93 at gmail.com>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=e29016a9de8cf9a15569bdcea6e68c8e9ba2f299
---
libavformat/subfile.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/libavformat/subfile.c b/libavformat/subfile.c
index be48ef72ef..b8c6ce0eef 100644
--- a/libavformat/subfile.c
+++ b/libavformat/subfile.c
@@ -128,13 +128,13 @@ static int64_t subfile_seek(URLContext *h, int64_t pos, int whence)
case AVSEEK_SIZE:
return end - c->start;
case SEEK_SET:
- new_pos = c->start + pos;
+ new_pos = c->start + av_clip(pos, 0, end - c->start);
break;
case SEEK_CUR:
- new_pos = c->pos + pos;
+ new_pos = c->pos + av_clip(pos, -(c->pos - c->start), end - c->pos);
break;
case SEEK_END:
- new_pos = end + pos;
+ new_pos = end + av_clip(pos, -(end - c->start), 0);
break;
default:
av_assert0(0);
More information about the ffmpeg-cvslog
mailing list