[FFmpeg-cvslog] escape124: fix integer overflow leading to excessive memory allocation
Nicolas George
nicolas.george at normalesup.org
Thu Aug 16 23:48:42 CEST 2012
Le decadi 30 thermidor, an CCXX, Michael Niedermayer a écrit :
> - if (!can_safely_read(gb, size * 34))
> + if (!can_safely_read(gb, size * 34L))
That works for archs where long = int64_t, but not archs where long =
int32_t (like x86_32 or, in fact most 32-bits archs), it does not change
anything. "(uint64_t)size * 34" would work.
Regards,
--
Nicolas George
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://ffmpeg.org/pipermail/ffmpeg-cvslog/attachments/20120816/3a13bb8e/attachment.asc>
More information about the ffmpeg-cvslog
mailing list