[FFmpeg-cvslog] avformat/aiffdec: fix signed integer overflow
Paul B Mahol
git at videolan.org
Wed Sep 25 18:49:20 EEST 2019
ffmpeg | branch: master | Paul B Mahol <onemda at gmail.com> | Wed Sep 25 17:36:52 2019 +0200| [d58752bcb923f48d372c0377c07990dd6379a1a9] | committer: Paul B Mahol
avformat/aiffdec: fix signed integer overflow
Fixes #8151
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d58752bcb923f48d372c0377c07990dd6379a1a9
---
libavformat/aiffdec.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/libavformat/aiffdec.c b/libavformat/aiffdec.c
index 61ef099f26..a42987c15f 100644
--- a/libavformat/aiffdec.c
+++ b/libavformat/aiffdec.c
@@ -243,7 +243,10 @@ static int aiff_read_header(AVFormatContext *s)
if (size < 0)
return size;
- filesize -= size + 8;
+ if (size >= 0x7fffffff - 8)
+ filesize = 0;
+ else
+ filesize -= size + 8;
switch (tag) {
case MKTAG('C', 'O', 'M', 'M'): /* Common chunk */
More information about the ffmpeg-cvslog
mailing list