Fixes: signed integer overflow: 1 - -9223372036854775808 cannot be represented in type 'long'
Fixes: 23490/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5133490093031424
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Nicolas George <george@nsup.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
int64_t pos = avio_tell(s->pb);
int len = ff_get_line(s->pb, line_buf, sizeof(line_buf));
char *line = line_buf;
+ int64_t pts;
if (!strncmp(line, bom, 3))
line += 3;
SKIP_FRAME_ID;
if (!*p)
continue;
+ pts = get_pts(line);
+ if (pts == AV_NOPTS_VALUE)
+ continue;
sub = ff_subtitles_queue_insert(µdvd->q, p, strlen(p), 0);
if (!sub) {
ret = AVERROR(ENOMEM);
goto fail;
}
sub->pos = pos;
- sub->pts = get_pts(line);
+ sub->pts = pts;
sub->duration = get_duration(line);
}
ff_subtitles_queue_finalize(s, µdvd->q);