[FFmpeg-cvslog] avcodec/exr: Fix preview overflow

Michael Niedermayer git at videolan.org
Thu Jun 13 23:40:58 EEST 2024


ffmpeg | branch: release/5.1 | Michael Niedermayer <michael at niedermayer.cc> | Fri May  3 23:25:10 2024 +0200| [cb03082cfa9ea501b496fb4f5cd3745340af21b3] | committer: Michael Niedermayer

avcodec/exr: Fix preview overflow

Fixes: CID1515456 Unintentional integer overflow

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 36126e4c142e43cc703f4b8c535d388ac5e403a4)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=cb03082cfa9ea501b496fb4f5cd3745340af21b3
---

 libavcodec/exr.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libavcodec/exr.c b/libavcodec/exr.c
index f05117c98c..12db6d4236 100644
--- a/libavcodec/exr.c
+++ b/libavcodec/exr.c
@@ -1956,7 +1956,7 @@ static int decode_header(EXRContext *s, AVFrame *frame)
                                                      "preview", 16)) >= 0) {
             uint32_t pw = bytestream2_get_le32(gb);
             uint32_t ph = bytestream2_get_le32(gb);
-            uint64_t psize = pw * ph;
+            uint64_t psize = pw * (uint64_t)ph;
             if (psize > INT64_MAX / 4) {
                 ret = AVERROR_INVALIDDATA;
                 goto fail;



More information about the ffmpeg-cvslog mailing list