Chiebot-Mirror
/
FFmpeg
mirror of https://github.com/FFmpeg/FFmpeg.git
8
0
Fork 0
Code Issues Projects Releases Wiki Activity

avformat/mov: Fix integer overflow in mov_read_packet().

Browse Source 
Fixes https://crbug.com/1499669:
runtime error: signed integer overflow: 9223372036853334272 + 1375731456
cannot be represented in type 'int64_t' (aka 'long')

Signed-off-by: Dale Curtis <dalecurtis@chromium.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2182173a69)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
release/6.0
Dale Curtis 1 year ago committed by Michael Niedermayer
parent f9821fd907
commit 90571795e2
No known key found for this signature in database
GPG Key ID: B18E8928B3948D64
1 changed files with 1 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      libavformat/mov.c

2
libavformat/mov.c
Unescape View File

@ -8861,7 +8861,7 @@ static int mov_read_packet(AVFormatContext *s, AVPacket *pkt)
pkt->flags |= AV_PKT_FLAG_DISCARD;
}
if (sc->ctts_data && sc->ctts_index < sc->ctts_count) {
pkt->pts = pkt->dts + sc->dts_shift + sc->ctts_data[sc->ctts_index].duration;
pkt->pts = av_sat_add64(pkt->dts, av_sat_add64(sc->dts_shift, sc->ctts_data[sc->ctts_index].duration));
/* update ctts context */
sc->ctts_sample++;
if (sc->ctts_index < sc->ctts_count &&

Write Preview
Loading…
Cancel
Save