[FFmpeg-devel] [PATCH] libavformat/mov: limit nb_frames_for_fps to INT_MAX

[Dan Sanders]

It's this or add overflow detection in mov_read_header().
---
 libavformat/mov.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/libavformat/mov.c b/libavformat/mov.c
index d5ce077e63..247a65ed11 100644
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -2940,7 +2940,7 @@ static int mov_read_stts(MOVContext *c,
AVIOContext *pb, MOVAtom atom)

     if (duration > 0 &&
         duration <= INT64_MAX - sc->duration_for_fps &&
-        total_sample_count <= INT64_MAX - sc->nb_frames_for_fps
+        total_sample_count <= INT_MAX - sc->nb_frames_for_fps
     ) {
         sc->duration_for_fps  += duration;
         sc->nb_frames_for_fps += total_sample_count;
@@ -4897,7 +4897,7 @@ static int mov_read_trun(MOVContext *c,
AVIOContext *pb, MOVAtom atom)
         sc->data_size += sample_size;

         if (sample_duration <= INT64_MAX - sc->duration_for_fps &&
-            1 <= INT64_MAX - sc->nb_frames_for_fps
+            1 <= INT_MAX - sc->nb_frames_for_fps
         ) {
             sc->duration_for_fps += sample_duration;
             sc->nb_frames_for_fps ++;
-- 
2.21.0.593.g511ec345e18-goog