[FFmpeg-cvslog] avformat/matroskadec: Fix float-cast-overflow undefined behavior in matroska_parse_tracks()

Nikolas Bowe git at videolan.org
Fri Apr 13 02:55:50 EEST 2018


ffmpeg | branch: release/3.3 | Nikolas Bowe <nbowe-at-google.com at ffmpeg.org> | Thu Jan 18 15:21:56 2018 -0800| [980fe1b7a6fcbfc087dd2580308b565840e4eb6a] | committer: Michael Niedermayer

avformat/matroskadec: Fix float-cast-overflow undefined behavior in matroska_parse_tracks()

Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit e07649e618caedc07eaf2f4d09253de7f77d14f0)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=980fe1b7a6fcbfc087dd2580308b565840e4eb6a
---

 libavformat/matroskadec.c | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/libavformat/matroskadec.c b/libavformat/matroskadec.c
index 3ec1636584..cd6db9ebac 100644
--- a/libavformat/matroskadec.c
+++ b/libavformat/matroskadec.c
@@ -2071,8 +2071,16 @@ static int matroska_parse_tracks(AVFormatContext *s)
         }
 
         if (track->type == MATROSKA_TRACK_TYPE_VIDEO) {
-            if (!track->default_duration && track->video.frame_rate > 0)
-                track->default_duration = 1000000000 / track->video.frame_rate;
+            if (!track->default_duration && track->video.frame_rate > 0) {
+                double default_duration = 1000000000 / track->video.frame_rate;
+                if (default_duration > UINT64_MAX || default_duration < 0) {
+                    av_log(matroska->ctx, AV_LOG_WARNING,
+                         "Invalid frame rate %e. Cannot calculate default duration.\n",
+                         track->video.frame_rate);
+                } else {
+                    track->default_duration = default_duration;
+                }
+            }
             if (track->video.display_width == -1)
                 track->video.display_width = track->video.pixel_width;
             if (track->video.display_height == -1)



More information about the ffmpeg-cvslog mailing list