[FFmpeg-devel] [RFC PATCH] avformat/rtpdec: fix another int overflow in start_time_realtime

Tue Nov 26 08:35:13 EET 2024

From: Jonathan Baudanza <jon at jonb.org>

This was previously adjusted by me in 6b3f9c2e92b. Unfortunately, I traded one integer overflow bug for another.

Currently, ntp timestamps that exceed INT64_MAX (~Jan 20, 1968) will cause an overflow when passed to av_rescale.

This patch replaces av_rescale, which operates on int64_t, with ff_parse_ntp_time, which operates on uint65_t. This will give the correct values for timestamps back around the NTP epoch and present day timestamps.
---
 libavformat/rtsp.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libavformat/rtsp.c b/libavformat/rtsp.c
index c48fa26d90..5ea471b40c 100644
--- a/libavformat/rtsp.c
+++ b/libavformat/rtsp.c
@@ -2320,7 +2320,7 @@ redo:
                 }
                 // Make real NTP start time available in AVFormatContext
                 if (s->start_time_realtime == AV_NOPTS_VALUE) {
-                    s->start_time_realtime = av_rescale (rtpctx->first_rtcp_ntp_time, 1000000, 1LL << 32) - NTP_OFFSET_US;
+                    s->start_time_realtime = ff_parse_ntp_time(rtpctx->first_rtcp_ntp_time) - NTP_OFFSET_US;
                     if (rtpctx->st) {
                         s->start_time_realtime -=
                             av_rescale_q (rtpctx->rtcp_ts_offset, rtpctx->st->time_base, AV_TIME_BASE_Q);
-- 
2.41.0

