On Sun, Nov 06, 2022 at 07:25:35PM +0100, Paul B Mahol wrote:
> On 11/6/22, Michael Niedermayer <michael@niedermayer.cc> wrote:
> > No testcase
> >
> > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
> > ---
> >  libavcodec/bonk.c | 2 ++
> >  1 file changed, 2 insertions(+)
> >
> > diff --git a/libavcodec/bonk.c b/libavcodec/bonk.c
> > index 37ad7854b6..f2427de4f1 100644
> > --- a/libavcodec/bonk.c
> > +++ b/libavcodec/bonk.c
> > @@ -180,6 +180,8 @@ static int intlist_read(BonkContext *s, int *buf, int
> > entries, int base_2_part)
> >              if (!dominant)
> >                  n_zeros += steplet;
> >
> > +            if (step > INT32_MAX*8LL/9 + 1)
> > +                return AVERROR_INVALIDDATA;
> >              step += step / 8;
> >          } else if (steplet > 0) {
> >              int actual_run = read_uint_max(s, steplet - 1);
> > --
> > 2.17.1
> 
> probably ok

will apply

thx

[...]
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Whats the most studid thing your enemy could do ? Blow himself up
Whats the most studid thing you could do ? Give up your rights and
freedom because your enemy blew himself up.