virtualenv/FFmpeg
1
0
Fork 0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2025-08-04 22:03:09 +02:00
Code Issues Releases Activity

avcodec/hashtable: Check for overflow

Browse Source 
Reviewed-by: Emma Worley <emma@emma.gg>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
This commit is contained in:
Andreas Rheinhardt
2025-06-03 22:35:03 +02:00
parent 1e6fdafce0
commit 2e45d2f7d3
1 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
libavcodec/hashtable.c
View File

@ -56,12 +56,18 @@ struct FFHashtableContext {
int ff_hashtable_alloc(struct FFHashtableContext **ctx, size_t key_size, size_t val_size, size_t max_entries) int ff_hashtable_alloc(struct FFHashtableContext **ctx, size_t key_size, size_t val_size, size_t max_entries)
{ {
const size_t keyval_size = key_size + val_size;
if (keyval_size < key_size || // did (unsigned,defined) wraparound happen?
keyval_size > SIZE_MAX - sizeof(size_t) - (ALIGN - 1))
return AVERROR(ERANGE);
FFHashtableContext *res = av_mallocz(sizeof(*res)); FFHashtableContext *res = av_mallocz(sizeof(*res));
if (!res) if (!res)
return AVERROR(ENOMEM); return AVERROR(ENOMEM);
res->key_size = key_size; res->key_size = key_size;
res->val_size = val_size; res->val_size = val_size;
res->entry_size = FFALIGN(sizeof(size_t) + key_size + val_size, ALIGN); res->entry_size = FFALIGN(sizeof(size_t) + keyval_size, ALIGN);
res->max_entries = max_entries; res->max_entries = max_entries;
res->nb_entries = 0; res->nb_entries = 0;
res->crc = av_crc_get_table(AV_CRC_32_IEEE); res->crc = av_crc_get_table(AV_CRC_32_IEEE);