This is an automated email from the git hooks/post-receive script.

Git pushed a commit to branch master
in repository ffmpeg.

The following commit(s) were added to refs/heads/master by this push:
     new e7b4ddc9d6 avcodec/pngdec: fix dead overflow check in decode_text_to_exif()
e7b4ddc9d6 is described below

commit e7b4ddc9d6e3f5c871cfbb4ccb7a89f7631fd7d9
Author:     Priyanshu Thapliyal <[email protected]>
AuthorDate: Tue Mar 24 00:49:55 2026 +0530
Commit:     Leo Izen <[email protected]>
CommitDate: Wed Mar 25 16:48:12 2026 +0000

    avcodec/pngdec: fix dead overflow check in decode_text_to_exif()
    
    The expression (exif_len & ~SIZE_MAX) is always 0 for size_t,
    making the overflow guard permanently dead code.
    
    Reported-by: Guanni Qu <[email protected]>
    Signed-off-by: Priyanshu Thapliyal <[email protected]>
---
 libavcodec/pngdec.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libavcodec/pngdec.c b/libavcodec/pngdec.c
index 042b6a5c2f..d630617004 100644
--- a/libavcodec/pngdec.c
+++ b/libavcodec/pngdec.c
@@ -558,7 +558,7 @@ static int decode_text_to_exif(PNGDecContext *s, const char 
*txt_utf8)
     }
 
     // first condition checks for overflow in 2 * exif_len
-    if ((exif_len & ~SIZE_MAX) || end - ptr < 2 * exif_len)
+    if (exif_len > SIZE_MAX / 2 || end - ptr < 2 * exif_len)
         return AVERROR_INVALIDDATA;
     if (exif_len < 10)
         return AVERROR_INVALIDDATA;
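
Review bot: On the `+` line, the overflow clause and the bounds test could be folded into a single comparison that never multiplies, e.g. `exif_len > (end - ptr) / 2`, which is equivalent for non-negative operands and removes the need to keep a separate `SIZE_MAX / 2` clause in step with `2 * exif_len`. If the two-clause form stays, note that `end - ptr` is compared against a `size_t` expression, so (assuming `end` and `ptr` are pointers, which this hunk does not show) a negative difference would convert to a large unsigned value and pass the test; it is worth confirming that `ptr <= end` holds on every path reaching this line. The commit message explains why the old guard was dead but not what input reaches `2 * exif_len` unchecked as a result; one sentence on that would help backporters judge the fix.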

_______________________________________________
ffmpeg-cvslog mailing list -- [email protected]
To unsubscribe send an email to [email protected]
