virtualenv/FFmpeg
1
0
Fork 0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-11-26 19:01:44 +02:00
Code Issues Releases Activity

avcodec/exr: Avoid signed overflow in displayWindow

Browse Source 
The inputs are unused except for this computation so wraparound
does not give an attacker any extra values as they are already fully
controlled

Fixes: signed integer overflow: 0 - -2147483648 cannot be represented in type 'int'
Fixes: 45820/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EXR_fuzzer-5766159019933696

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This commit is contained in:
Michael Niedermayer 2022-03-21 21:03:13 +01:00
parent 7f1279684e
commit 1291568c98
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
libavcodec/exr.c
View File

@ -1833,8 +1833,8 @@ static int decode_header(EXRContext *s, AVFrame *frame)
dx = bytestream2_get_le32(gb);
dy = bytestream2_get_le32(gb);
s->w = dx - sx + 1;
s->h = dy - sy + 1;
s->w = (unsigned)dx - sx + 1;
s->h = (unsigned)dy - sy + 1;
continue;
} else if ((var_size = check_header_variable(s, "lineOrder",