[FFmpeg-devel] [PATCH 8/8] Fix long int -> unsigned int truncation and add an overflow check in get_codec_tag_from_string().
Stefano Sabatini
stefano.sabatini-lala
Wed Jun 2 15:30:44 CEST 2010
---
ffmpeg.c | 6 +++++-
1 files changed, 5 insertions(+), 1 deletions(-)
diff --git a/ffmpeg.c b/ffmpeg.c
index bacbc1c..695aab8 100644
--- a/ffmpeg.c
+++ b/ffmpeg.c
@@ -2955,7 +2955,11 @@ static void opt_audio_codec(const char *arg)
static unsigned int get_codec_tag_from_string(const char *tag)
{
char *tail;
- unsigned int codec_tag = strtol(tag, &tail, 0);
+ unsigned long int codec_tag = strtoul(tag, &tail, 0);
+ if (errno == ERANGE || codec_tag > UINT_MAX) {
+ fprintf(stderr, "Value from codec tag string '%s' too big\n", tag);
+ exit(1);
+ }
if(!tail || *tail)
codec_tag = tag[0] + (tag[1]<<8) + (tag[2]<<16) + (tag[3]<<24);
--
1.7.1
More information about the ffmpeg-devel
mailing list