[FFmpeg-devel] [PATCH 2/2] avformat/rpl: Fix check for negative values

[James Almer]

On 11/18/2024 4:37 AM, Rémi Denis-Courmont wrote:
> Hi,
> 
> Le 18 novembre 2024 05:09:11 GMT+02:00, Michael Niedermayer <michael at niedermayer.cc> a écrit :
>> Fixes: signed integer overflow: 10 * -1923267925333400000 cannot be represented in type 'int64_t' (aka 'long')
>> Fixes: 378891963/clusterfuzz-testcase-minimized-fuzzer_loadfile_direct-5714338935013376
>> Found-by: ossfuzz
>> Reported-by: Kacper Michajlow <kasper93 at gmail.com>
>> Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
>> ---
>> libavformat/rpl.c | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/libavformat/rpl.c b/libavformat/rpl.c
>> index e971d0588f3..b30d769efb2 100644
>> --- a/libavformat/rpl.c
>> +++ b/libavformat/rpl.c
>> @@ -102,7 +102,7 @@ static AVRational read_fps(const char* line, int* error)
>>          line++;
>>      for (; *line>='0' && *line<='9'; line++) {
>>          // Truncate any numerator too large to fit into an int64_t
>> -        if (num > (INT64_MAX - 9) / 10 || den > INT64_MAX / 10)
>> +        if (num > (INT64_MAX - 9) / 10ULL || den > INT64_MAX / 10ULL)
>>              break;
>>          num  = 10 * num + (*line - '0');
>>          den *= 10;
> 
> We have ckd_mul() for this, AFAIK. Easier to read, easier to write and also easier for the compiler to optimise correctly.

Not yet, i haven't pushed my compat header patch.

> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel at ffmpeg.org
> https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
> 
> To unsubscribe, visit link above, or email
> ffmpeg-devel-request at ffmpeg.org with subject "unsubscribe".

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: OpenPGP digital signature
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20241118/2b45c374/attachment.sig>