Fixes: CID1604489 Overflowed constant
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <[email protected]>
---
libavformat/xmv.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/libavformat/xmv.c b/libavformat/xmv.c
index e103b2368ea..ed59f7b85bd 100644
--- a/libavformat/xmv.c
+++ b/libavformat/xmv.c
@@ -221,6 +221,8 @@ static int xmv_read_header(AVFormatContext *s)
/* Initialize the packet context */
xmv->next_packet_offset = avio_tell(pb);
+ if (this_packet_size < xmv->next_packet_offset)
+ return AVERROR_INVALIDDATA;
xmv->next_packet_size = this_packet_size - xmv->next_packet_offset;
xmv->stream_count = xmv->audio_track_count + 1;
--
2.45.2
_______________________________________________
ffmpeg-devel mailing list
[email protected]
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
[email protected] with subject "unsubscribe".
