virtualenv/FFmpeg
1
0
Fork 0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-12-23 12:43:46 +02:00
Code Issues Releases Activity

avformat/icodec: fix integer overflow with nb_pal

Browse Source 
Fixes: runtime error: signed integer overflow
Fixes: 42536949/clusterfuzz-testcase-minimized-fuzzer_loadfile-6199846684393472
Found-by: ossfuzz
Reported-by: Kacper Michajlow
Tested-by: Kacper Michajlow
Reviewed-by: Peter Ross <pross@xvid.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This commit is contained in:
Michael Niedermayer 2024-11-03 11:07:27 +01:00
parent 40bd6d8355
commit 84569b6c22
No known key found for this signature in database
GPG Key ID: B18E8928B3948D64
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
libavformat/icodec.c
View File

@ -198,7 +198,7 @@ static int read_packet(AVFormatContext *s, AVPacket *pkt)
AV_WL32(buf + 32, image->nb_pal);
}
if (image->nb_pal > INT_MAX / 4 - 14 - 40)
if (image->nb_pal > INT_MAX / 4 - 14 - 40U)
return AVERROR_INVALIDDATA;
AV_WL32(buf - 4, 14 + 40 + image->nb_pal * 4);