[FFmpeg-devel] [PATCH] avformat/rtpdec: int overflow in start_time_realtime

Wed Jan 8 02:22:13 EET 2025

From: Jonathan Baudanza <jon at jonb.org>

This was previously adjusted by me in 6b3f9c2e92b.
Unfortunately, I traded one integer overflow bug for
another.

Currently, NTP timestamps that exceed INT64_MAX
(~Jan 20, 1968) will cause an overflow when passed
to av_rescale.

This patch replaces av_rescale, which operates on
int64_t, with ff_parse_ntp_time, which operates on
uint64_t. This will give the correct values for
timestamps back around the NTP epoch and present day
timestamps.
---
 libavformat/rtsp.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libavformat/rtsp.c b/libavformat/rtsp.c
index c48fa26d90..5ea471b40c 100644
--- a/libavformat/rtsp.c
+++ b/libavformat/rtsp.c
@@ -2320,7 +2320,7 @@ redo:
                 }
                 // Make real NTP start time available in AVFormatContext
                 if (s->start_time_realtime == AV_NOPTS_VALUE) {
-                    s->start_time_realtime = av_rescale (rtpctx->first_rtcp_ntp_time, 1000000, 1LL << 32) - NTP_OFFSET_US;
+                    s->start_time_realtime = ff_parse_ntp_time(rtpctx->first_rtcp_ntp_time) - NTP_OFFSET_US;
                     if (rtpctx->st) {
                         s->start_time_realtime -=
                             av_rescale_q (rtpctx->rtcp_ts_offset, rtpctx->st->time_base, AV_TIME_BASE_Q);
-- 
2.41.0

