Overview

File ffmpeg-4-CVE-2024-36618.patch of Package ffmpeg-4

commit 7a089ed8e049e3bfcb22de1250b86f2106060857
Author: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Date:   Tue Mar 12 23:23:17 2024 +0100

    avformat/avidec: Fix integer overflow iff ULONG_MAX < INT64_MAX
    
    Affects many FATE-tests, see
    https://fate.ffmpeg.org/report.cgi?time=20240312011016&slot=ppc-linux-gcc-13.2-ubsan-altivec-qemu
    
    Reviewed-by: James Almer <jamrial@gmail.com>
    Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>

--- a/libavformat/avidec.c
+++ b/libavformat/avidec.c
@@ -1694,7 +1694,7 @@
     int *idx = av_mallocz_array(s->nb_streams, sizeof(*idx));
     if (!idx)
         return AVERROR(ENOMEM);
-    for (min_pos = pos = 0; min_pos != INT64_MAX; pos = min_pos + 1LU) {
+    for (min_pos = pos = 0; min_pos != INT64_MAX; pos = min_pos + 1ULL) {
         int64_t max_dts = INT64_MIN / 2;
         int64_t min_dts = INT64_MAX / 2;
         int64_t max_buffer = 0;
openSUSE Build Service is sponsored by
Places