[FFmpeg-cvslog] avformat/utils: Check dts in update_initial_timestamps() more
Michael Niedermayer
git at videolan.org
Tue Jan 26 20:09:24 EET 2021
ffmpeg | branch: master | Michael Niedermayer <michael at niedermayer.cc> | Sat Jan 16 22:05:53 2021 +0100| [29851cb840c176d514573914799ca6c95f3f4e8e] | committer: Michael Niedermayer
avformat/utils: Check dts in update_initial_timestamps() more
Fixes: signed integer overflow: -9223372036853488158 - 90000000 cannot be represented in type 'long long'
Fixes: 26910/clusterfuzz-testcase-minimized-ffmpeg_dem_MPSUB_fuzzer-6696625298866176
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=29851cb840c176d514573914799ca6c95f3f4e8e
---
libavformat/utils.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/libavformat/utils.c b/libavformat/utils.c
index 6f100294a1..1ec71691e5 100644
--- a/libavformat/utils.c
+++ b/libavformat/utils.c
@@ -1106,6 +1106,7 @@ static void update_initial_timestamps(AVFormatContext *s, int stream_index,
dts == AV_NOPTS_VALUE ||
st->cur_dts == AV_NOPTS_VALUE ||
st->cur_dts < INT_MIN + RELATIVE_TS_BASE ||
+ dts < INT_MIN + (st->cur_dts - RELATIVE_TS_BASE) ||
is_relative(dts))
return;
More information about the ffmpeg-cvslog
mailing list