[FFmpeg-devel] [PATCH 4/6] avcodec/aac/aacdec_lpd: Limit get_unary()
Michael Niedermayer
michael at niedermayer.cc
Sun Feb 16 16:39:11 EET 2025
On Sun, Feb 09, 2025 at 03:24:19AM +0100, Michael Niedermayer wrote:
> The limit is based on later code storing 32bits
>
> Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int'
> Fixes: 393164866/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AAC_LATM_fuzzer-4606798354513920
>
> Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> ---
> libavcodec/aac/aacdec_lpd.c | 9 ++++++---
> 1 file changed, 6 insertions(+), 3 deletions(-)
will apply aac patches 1,2,4 (not 3 as that would be better done with references)
thx
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
"Nothing to hide" only works if the folks in power share the values of
you and everyone you know entirely and always will -- Tom Scott
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20250216/1cfaf068/attachment.sig>
More information about the ffmpeg-devel
mailing list