[FFmpeg-devel] [PATCH 4/4] avcodec/mpc: Fix multiple numerical overflows in ff_mpc_dequantize_and_synth()

Michael Niedermayer michael at niedermayer.cc
Sat Sep 12 17:37:03 EEST 2020


On Tue, Jun 30, 2020 at 10:28:32PM +0200, Michael Niedermayer wrote:
> Fixes: -2.4187e+09 is outside the range of representable values of type 'int'
> Fixes: signed integer overflow: -14512205 + -2147483648 cannot be represented in type 'int'
> Fixes: 20492/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPC7_fuzzer-5747263166480384
> Fixes: 23528/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPC7_fuzzer-5747263166480384
> 
> Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> ---
>  libavcodec/mpc.c | 8 ++++----
>  1 file changed, 4 insertions(+), 4 deletions(-)

will apply


[...]
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Let us carefully observe those good qualities wherein our enemies excel us
and endeavor to excel them, by avoiding what is faulty, and imitating what
is excellent in them. -- Plutarch
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20200912/757cd573/attachment.sig>


More information about the ffmpeg-devel mailing list