On Sun, 3 Nov 2024 at 11:24, Michael Niedermayer <[email protected]> wrote:
>
> Fixes: runtime error: signed integer overflow
> Fixes: 42536949/clusterfuzz-testcase-minimized-fuzzer_loadfile-6199846684393472
> Found-by: ossfuzz
> Reported-by: Kacper Michajlow
> Tested-by: Kacper Michajlow
> Signed-off-by: Michael Niedermayer <[email protected]>
> ---
>  libavformat/icodec.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/libavformat/icodec.c b/libavformat/icodec.c
> index afd0c71b1f9..b09d0060a65 100644
> --- a/libavformat/icodec.c
> +++ b/libavformat/icodec.c
> @@ -198,7 +198,7 @@ static int read_packet(AVFormatContext *s, AVPacket *pkt)
>              AV_WL32(buf + 32, image->nb_pal);
>          }
>
> -        if (image->nb_pal > INT_MAX / 4 - 14 - 40)
> +        if (image->nb_pal > INT_MAX / 4 - 14 - 40U)
>              return AVERROR_INVALIDDATA;
>
>          AV_WL32(buf - 4, 14 + 40 + image->nb_pal * 4);
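
Review bot: The changed condition relies on the `U` suffix in `INT_MAX / 4 - 14 - 40U` to switch the whole comparison to unsigned arithmetic, which is easy to miss on reading and easy for a later cleanup to undo. If the goal is to reject a negative `image->nb_pal` before `14 + 40 + image->nb_pal * 4` is computed on the following line, an explicit `image->nb_pal < 0 ||` term, or a short comment explaining why the constant is unsigned, would make that intent visible. The commit message only says "signed integer overflow"; naming the expression that overflowed would also help anyone bisecting to this change later.
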
> --
> 2.47.0
>
> _______________________________________________
> ffmpeg-devel mailing list
> [email protected]
> https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>
> To unsubscribe, visit link above, or email
> [email protected] with subject "unsubscribe".

Any news about this patch?

- Kacper