With some (garbled) OGG data, PTS can overflow causing undefined behavior. This patch avoids that by zeroing out PTS values greater than 2^62.
From 26a8582bc04f5bddc037ffcce99025e2f977abe0 Mon Sep 17 00:00:00 2001 From: Fredrik Hubinette <hu...@google.com> Date: Mon, 16 Jul 2018 14:54:43 -0700 Subject: [PATCH] Avoid undefined behavior by limiting PTS to 62 bits in ogg decoder
--- libavformat/oggdec.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/libavformat/oggdec.h b/libavformat/oggdec.h index 4a2b6ddee8..798c74f671 100644 --- a/libavformat/oggdec.h +++ b/libavformat/oggdec.h @@ -162,8 +162,9 @@ ogg_gptopts (AVFormatContext * s, int i, uint64_t gp, int64_t *dts) if (dts) *dts = pts; } - if (pts > INT64_MAX && pts != AV_NOPTS_VALUE) { + if (pts > INT64_MAX / 2 && pts != AV_NOPTS_VALUE) { // The return type is unsigned, we thus cannot return negative pts + // Limit the return value to 62 bits to avoid undefined behavior. av_log(s, AV_LOG_ERROR, "invalid pts %"PRId64"\n", pts); pts = AV_NOPTS_VALUE; } -- 2.18.0.203.gfac676dfb9-goog
_______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel