eessppeelllloo/ffmpeg
1
0
Fork 0
mirror of https://git.ffmpeg.org/ffmpeg.git synced 2026-03-19 10:58:33 +01:00
Code Issues Packages Projects Releases Wiki Activity

avutil/timecode: Check for integer overflow in av_timecode_init_from_components()

Browse Source 
Fixes: integer overflow
Fixes: testcase that calls av_timecode_init_from_components() with hh set explicitly to INT_MAX

Found-by: Youngjae Choi, Mingyoung Ban, Seunghoon Woo
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit eb5d607861)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This commit is contained in:
Michael Niedermayer
2025-08-14 02:12:26 +02:00
parent 4f72addce1
commit 56217dccd6
1 changed files with 10 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
libavutil/timecode.c
View File

@@ -211,6 +211,7 @@ int av_timecode_init(AVTimecode *tc, AVRational rate, int flags, int frame_start
int av_timecode_init_from_components(AVTimecode *tc, AVRational rate, int flags, int hh, int mm, int ss, int ff, void *log_ctx)
{
int ret;
int64_t s;
memset(tc, 0, sizeof(*tc));
tc->flags = flags;
@@ -221,7 +222,15 @@ int av_timecode_init_from_components(AVTimecode *tc, AVRational rate, int flags,
if (ret < 0)
return ret;
tc->start = (hh*3600 + mm*60 + ss) * tc->fps + ff;
s = hh*3600LL + mm*60LL + ss;
if (s != (int32_t)s)
return AVERROR(EINVAL);
s = s * tc->fps + ff;
if (s != (int32_t)s)
return AVERROR(EINVAL);
tc->start = s;
if (tc->flags & AV_TIMECODE_FLAG_DROPFRAME) { /* adjust frame number */
int tmins = 60*hh + mm;
tc->start -= (tc->fps / 30 * 2) * (tmins - tmins/10);