]> git.sesse.net Git - ffmpeg/commitdiff
projects / ffmpeg / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 65bac4a)
avcodec/dvbsubdec: Use ff_set_dimensions()
authorMichael Niedermayer <michael@niedermayer.cc>
Fri, 19 Jul 2019 22:07:59 +0000 (00:07 +0200)
committerMichael Niedermayer <michael@niedermayer.cc>
Sat, 20 Jul 2019 17:05:02 +0000 (19:05 +0200)
Fixes: signed integer overflow: 65313 * 65313 cannot be represented in type 'int'
Fixes: 15740/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DVBSUB_fuzzer-5641749164195840
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
libavcodec/dvbsubdec.c patch | blob | history

diff --git a/libavcodec/dvbsubdec.c b/libavcodec/dvbsubdec.c
index bc4a17bde0ffa726a9828310446fcf881c98b3c0..6e7e13b6eb2b3c7eba991be308c0b52a16a33232 100644 (file)
--- a/libavcodec/dvbsubdec.c
+++ b/libavcodec/dvbsubdec.c
@@ -1578,8 +1578,9 @@ static int dvbsub_parse_display_definition_segment(AVCodecContext *avctx,
     display_def->width   = bytestream_get_be16(&buf) + 1;
     display_def->height  = bytestream_get_be16(&buf) + 1;
     if (!avctx->width || !avctx->height) {
-        avctx->width  = display_def->width;
-        avctx->height = display_def->height;
+        int ret = ff_set_dimensions(avctx, display_def->width, display_def->height);
+        if (ret < 0)
+            return ret;
     }
 
     if (info_byte & 1<<3) { // display_window_flag
Unnamed repository; edit this file 'description' to name the repository.