[FFmpeg-devel] [PATCH 8/8] Fix long int -> unsigned int truncation and add an overflow check in get_codec_tag_from_string().

Stefano Sabatini stefano.sabatini-lala
Wed Jun 2 15:30:44 CEST 2010


---
 ffmpeg.c |    6 +++++-
 1 files changed, 5 insertions(+), 1 deletions(-)

diff --git a/ffmpeg.c b/ffmpeg.c
index bacbc1c..695aab8 100644
--- a/ffmpeg.c
+++ b/ffmpeg.c
@@ -2955,7 +2955,11 @@ static void opt_audio_codec(const char *arg)
 static unsigned int get_codec_tag_from_string(const char *tag)
 {
     char *tail;
-    unsigned int codec_tag = strtol(tag, &tail, 0);
+    unsigned long int codec_tag = strtoul(tag, &tail, 0);
+    if (errno == ERANGE || codec_tag > UINT_MAX) {
+        fprintf(stderr, "Value from codec tag string '%s' too big\n", tag);
+        exit(1);
+    }
 
     if(!tail || *tail)
         codec_tag = tag[0] + (tag[1]<<8) + (tag[2]<<16) + (tag[3]<<24);
-- 
1.7.1




More information about the ffmpeg-devel mailing list