Fixes: signed integer overflow: 65313 * 65313 cannot be represented in type 'int'
Fixes: 15740/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DVBSUB_fuzzer-5641749164195840
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
display_def->width = bytestream_get_be16(&buf) + 1;
display_def->height = bytestream_get_be16(&buf) + 1;
if (!avctx->width || !avctx->height) {
- avctx->width = display_def->width;
- avctx->height = display_def->height;
+ int ret = ff_set_dimensions(avctx, display_def->width, display_def->height);
+ if (ret < 0)
+ return ret;
}
if (info_byte & 1<<3) { // display_window_flag