[FFmpeg-devel] [PATCH 5/6] avformat/4xm: Make audio_frame_count 64bit

Michael Niedermayer michael at niedermayer.cc
Mon Nov 23 02:43:03 EET 2020


Fixes: signed integer overflow: 2099257366 * 2 cannot be represented in type 'int'
Fixes: 27486/clusterfuzz-testcase-minimized-ffmpeg_dem_FOURXM_fuzzer-5112179134824448

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
---
 libavformat/4xm.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libavformat/4xm.c b/libavformat/4xm.c
index 6a227a0b0d..30f1b05324 100644
--- a/libavformat/4xm.c
+++ b/libavformat/4xm.c
@@ -299,7 +299,7 @@ static int fourxm_read_packet(AVFormatContext *s,
     unsigned int track_number;
     int packet_read = 0;
     unsigned char header[8];
-    int audio_frame_count;
+    int64_t audio_frame_count;
 
     while (!packet_read) {
         if ((ret = avio_read(s->pb, header, 8)) < 0)
-- 
2.17.1



More information about the ffmpeg-devel mailing list