[FFmpeg-devel] [PATCH] Fix signed integer overflows

Vitaly Buka vitalybuka at google.com
Sat Aug 19 00:02:34 EEST 2017


Not sure, or it's going to be very hard for me.
third_party/ffmpeg/LGPL_pristine/libavformat/aviobuf.c:225:16

Error was:
mov.c:3961:23: runtime error: signed integer overflow: 9223372036854775807 + 8 cannot be represented in type 'long'

On Fri, Aug 18, 2017 at 1:13 AM, Carl Eugen Hoyos <ceffmpeg at gmail.com> wrote:

> 2017-08-18 8:14 GMT+02:00 Vitaly Buka <vitalybuka-at-google.com at ffmpeg.org>:
> > Signed integer overflow is undefined behavior.
> > Detected with clang and -fsanitize=signed-integer-overflow
>
> > --- a/libavformat/mov.c
> > +++ b/libavformat/mov.c
> > @@ -5572,7 +5572,7 @@ static int mov_read_default(MOVContext *c,
> AVIOContext *pb, MOVAtom atom)
> >
> >      if (atom.size < 0)
> >          atom.size = INT64_MAX;
> > -    while (total_size + 8 <= atom.size && !avio_feof(pb)) {
> > +    while (total_size <= atom.size - 8 && !avio_feof(pb)) {
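Review bot: the rewritten condition on the `+` line avoids the overflow only because of the clamp two lines above (`if (atom.size < 0) atom.size = INT64_MAX;`), which guarantees `atom.size >= 0` so that `atom.size - 8` cannot wrap, whereas the `-` line's `total_size + 8` wraps as soon as `total_size` exceeds `INT64_MAX - 8`, which is exactly the `9223372036854775807 + 8` in the sanitizer report. That dependency on the clamp deserves a one-line comment above the `while`, and because `total_size` must already have reached a value within 8 of `INT64_MAX` for the old check to trip, the increment of `total_size` in the loop body (not in this hunk) should get the same treatment, for example by rejecting a child atom whose size exceeds `atom.size - total_size` before adding it rather than relying on the exit test alone.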
>
> Can you provide the sample that produces this overflow?
>
> Carl Eugen
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel at ffmpeg.org
> http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>
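The two forms of the loop condition side by side, as an added example that is not FFmpeg's code and not part of either message above. It keeps the hunk's `int64_t` types and 8-byte header constant, mirrors the `atom.size < 0` clamp, and adds a hypothetical `advance`/`walk` pair (assumptions, not anything in `mov_read_default`) to show the companion check that keeps the running total itself from wrapping when a child atom claims the sentinel size `INT64_MAX`:

```c
#include <stdbool.h>
#include <stdint.h>

/* 4-byte size + 4-byte type, the "+ 8" in the patched condition. */
#define ATOM_HEADER 8

/* Pre-patch form of the test. total_size + ATOM_HEADER is a signed overflow
 * (undefined behaviour, flagged by -fsanitize=signed-integer-overflow) once
 * total_size > INT64_MAX - 8, which is the sanitizer report quoted above.
 * Kept only for comparison with small inputs. */
static bool header_fits_unsafe(int64_t total_size, int64_t atom_size)
{
    return total_size + ATOM_HEADER <= atom_size;
}

/* Patched form. The subtraction cannot wrap because atom_size is clamped to
 * a non-negative value first, exactly as the two lines above the while do. */
static bool header_fits(int64_t total_size, int64_t atom_size)
{
    if (atom_size < 0)
        atom_size = INT64_MAX;   /* "unknown size" sentinel */
    return total_size <= atom_size - ATOM_HEADER;
}

/* Hypothetical helper: add a child's size to the running total only when it
 * fits in what remains of the parent, so the addition itself cannot wrap. */
static bool advance(int64_t *total_size, int64_t child_size, int64_t atom_size)
{
    if (child_size < 0 || child_size > atom_size - *total_size)
        return false;
    *total_size += child_size;
    return true;
}

/* Hypothetical helper: walk an array of constructed child sizes (each size
 * includes the child's own header, as in the container format). Returns the
 * number of children consumed, or -1 if a child overruns its parent. */
static int walk(const int64_t *children, int n, int64_t atom_size,
                int64_t *out_total)
{
    int64_t total_size = 0;
    int i = 0;

    if (atom_size < 0)
        atom_size = INT64_MAX;

    while (i < n && header_fits(total_size, atom_size)) {
        if (!advance(&total_size, children[i], atom_size))
            return -1;
        i++;
    }
    *out_total = total_size;
    return i;
}
```

The interesting case is a parent of unknown size (clamped to `INT64_MAX`) containing one child that claims the whole remainder: `advance` accepts it, `total_size` becomes `INT64_MAX`, and `header_fits` then returns false without ever forming `INT64_MAX + 8`, which is the sequence the sanitizer caught in the unpatched loop.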

