git.sesse.net Git - ffmpeg/commit
avformat/utils: Improve ffio_limit logic
author Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Fri, 11 Dec 2020 00:46:15 +0000 (01:46 +0100)
committer Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Fri, 11 Dec 2020 00:46:15 +0000 (01:46 +0100)
commit 43b4c66e6b7dc788b8c6e4c9cfdb08bfa5ef2360
tree a8fc54c0c2092f854996307e3d07671a4c7b2459
parent 7ab5192260c387a10998481fe1468f1304f6ebd2

The earlier code would not complain if the remaining size was one byte
short of the desired size; and the way it performed the check could run
into signed integer overflow.

Fixes: signed integer overflow: 9223372036854775807 + 1 cannot be represented in type 'long'
Fixes: Timeout
Fixes: 26434/clusterfuzz-testcase-minimized-ffmpeg_dem_MV_fuzzer-5752845451919360
Fixes: 26444/clusterfuzz-testcase-minimized-ffmpeg_dem_BINK_fuzzer-4697773380993024
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
libavformat/utils.c
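
The two defects named in the commit message (a check that misses a one-byte shortfall, and `9223372036854775807 + 1` overflowing) both fit a comparison of the form `remaining + 1 < size`. The following is an added illustration, not FFmpeg's code or this commit's diff; the function names, the assumed shape of the old check and the sample values are constructed, and it goes slightly beyond the message by also computing the remaining size without overflow.

```c
#include <stdint.h>
#include <stdio.h>

/* Bytes left before `limit`, computed without signed overflow.
 * pos < 0 models a failed position query (assumption). */
static int64_t remaining_bytes(int64_t limit, int64_t pos)
{
    if (pos < 0 || pos >= limit)
        return 0;
    return limit - pos;            /* 0 <= pos < limit, cannot overflow */
}

/* Assumed shape of an off-by-one check: truncate only if remaining + 1 < size.
 * Returns -1 where evaluating remaining + 1 would be undefined behaviour. */
static int legacy_clamp(int64_t remaining, int size)
{
    if (remaining == INT64_MAX)
        return -1;                 /* INT64_MAX + 1 is not representable */
    if (remaining + 1 < size)
        return (int)(remaining + 1);
    return size;                   /* remaining == size - 1 passes unnoticed */
}

/* Direct comparison: no arithmetic on remaining, exact boundary. */
static int safe_clamp(int64_t remaining, int size)
{
    if (remaining < 0)
        remaining = 0;
    if (remaining < size)
        return (int)remaining;     /* remaining < size <= INT_MAX, so it fits */
    return size;
}

int main(void)
{
    /* Constructed inputs: 99 bytes left, 100 requested. */
    int64_t rem = remaining_bytes(1099, 1000);
    printf("legacy=%d safe=%d\n", legacy_clamp(rem, 100), safe_clamp(rem, 100));
    /* Limit at INT64_MAX, position 0: remaining is INT64_MAX. */
    rem = remaining_bytes(INT64_MAX, 0);
    printf("legacy=%d safe=%d\n", legacy_clamp(rem, 100), safe_clamp(rem, 100));
    return 0;
}
```

Building the unguarded `remaining + 1` form with `-fsanitize=signed-integer-overflow` is what produces the kind of runtime report quoted in the `Fixes:` line.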