From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <ffmpeg-devel-bounces@ffmpeg.org>
Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100])
	by master.gitmailbox.com (Postfix) with ESMTP id 1531B44B73
	for <ffmpegdev@gitmailbox.com>; Sun,  6 Nov 2022 18:25:46 +0000 (UTC)
Received: from [127.0.1.1] (localhost [127.0.0.1])
	by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 08163680105;
	Sun,  6 Nov 2022 20:25:44 +0200 (EET)
Received: from mail-vk1-f181.google.com (mail-vk1-f181.google.com
 [209.85.221.181])
 by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id BC2C268004E
 for <ffmpeg-devel@ffmpeg.org>; Sun,  6 Nov 2022 20:25:37 +0200 (EET)
Received: by mail-vk1-f181.google.com with SMTP id g26so5311488vkm.12
 for <ffmpeg-devel@ffmpeg.org>; Sun, 06 Nov 2022 10:25:37 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112;
 h=to:subject:message-id:date:from:references:in-reply-to:mime-version
 :from:to:cc:subject:date:message-id:reply-to;
 bh=jG2qth2LNGj3a2l2MK/L6XEt6NHfntlFmB52AzEU3BQ=;
 b=BEXPuKTq4WKK5hUtVX9GPyEoRzo/otUF9quKeykTXtAQGCnDe4qIaPsRd/LbPS4+ue
 JixypyU45NyhxkxEAcXvHaWZMqYqLPDzrVnFpWhm1/B/yO098leZkpmsAPoLshplTvRM
 nKjnzKkZtennrS2zbU00+434iOEzrP2ExQl9/PM6b1ROf7Bl/3kqaxymdKhZDwsfLOZn
 pvzYCKlBMN0y1tWQS1cvfZT8qM+hRyuIULyqQp0YT6vgIX7N+VMAIM66GT1gksmJbgjy
 TFDswe357VCvQT6Nj5MJI9+QOsRd/llACENje8hg1p7yAfnBKjPYP0A8KUoWCr5DyP3E
 KhNg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112;
 h=to:subject:message-id:date:from:references:in-reply-to:mime-version
 :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
 bh=jG2qth2LNGj3a2l2MK/L6XEt6NHfntlFmB52AzEU3BQ=;
 b=33kTnoDIqFK/dHpL9Sk1RVWvvmwutNRzExLZkTLhsjRq7mwhIfM3t9Dyimryz9WgnX
 YweSHKKNHKv77quY7jwgtuEHDCcFQWrGfKlQZRB0BAmZeche60Cb0Czevon1fZAwkMXB
 wyFmJrNSyYYh5naQepxsRlxC3K2j+xNAR3F6zxXekerJ+hNHDsRcgSglilKbplJdxIEz
 K1xQZV5oA645FxFfLmw/2EksDDwO7tLkN1padgQHjaWsu3KvrF5gfGZuxL8A0EWFXnUy
 MpW/lWYaps32bR/x993Aakp/Wa9m8f992RrhoUjMgp2HkAdf0GMSaEs+nAPAkBHc88/o
 79qQ==
X-Gm-Message-State: ACrzQf16EnnWMkfUmLe+eCMXPb+6p3HgE8Etbd2vD5jbGz34KvCLSpAd
 4rDLte8rc8OggpECHpY8gVcdRCQb/reFSHHDSdTc09gZ
X-Google-Smtp-Source: AMsMyM46mlgzHz7Z34iAx1baIqkmz/LXuQPMslwn2xRILZkw1hZSr3CNJ5RUMNaoEJ0Q+zV4FZ865UmzA1jpsVUFBBg=
X-Received: by 2002:a05:6122:16a9:b0:3b8:993c:2bb6 with SMTP id
 41-20020a05612216a900b003b8993c2bb6mr4619251vkl.21.1667759136305; Sun, 06 Nov
 2022 10:25:36 -0800 (PST)
MIME-Version: 1.0
Received: by 2002:a05:612c:612:b0:314:ac6a:1eb7 with HTTP; Sun, 6 Nov 2022
 10:25:35 -0800 (PST)
In-Reply-To: <20221106123430.1668-6-michael@niedermayer.cc>
References: <20221106123430.1668-1-michael@niedermayer.cc>
 <20221106123430.1668-6-michael@niedermayer.cc>
From: Paul B Mahol <onemda@gmail.com>
Date: Sun, 6 Nov 2022 19:25:35 +0100
Message-ID: <CAPYw7P42h52n6QMBtpF_fY_7r-19Ldv5=EVdN4UvbHuX1Bvy9g@mail.gmail.com>
To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Subject: Re: [FFmpeg-devel] [PATCH 6/7] avcodec/bonk: Check step against
 overflow
X-BeenThere: ffmpeg-devel@ffmpeg.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: FFmpeg development discussions and patches <ffmpeg-devel.ffmpeg.org>
List-Unsubscribe: <https://ffmpeg.org/mailman/options/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=unsubscribe>
List-Archive: <https://ffmpeg.org/pipermail/ffmpeg-devel>
List-Post: <mailto:ffmpeg-devel@ffmpeg.org>
List-Help: <mailto:ffmpeg-devel-request@ffmpeg.org?subject=help>
List-Subscribe: <https://ffmpeg.org/mailman/listinfo/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=subscribe>
Reply-To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: ffmpeg-devel-bounces@ffmpeg.org
Sender: "ffmpeg-devel" <ffmpeg-devel-bounces@ffmpeg.org>
Archived-At: <https://master.gitmailbox.com/ffmpegdev/CAPYw7P42h52n6QMBtpF_fY_7r-19Ldv5=EVdN4UvbHuX1Bvy9g@mail.gmail.com/>
List-Archive: <https://master.gitmailbox.com/ffmpegdev/>
List-Post: <mailto:ffmpegdev@gitmailbox.com>

On 11/6/22, Michael Niedermayer <michael@niedermayer.cc> wrote:
> No testcase
>
> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
> ---
>  libavcodec/bonk.c | 2 ++
>  1 file changed, 2 insertions(+)
>
> diff --git a/libavcodec/bonk.c b/libavcodec/bonk.c
> index 37ad7854b6..f2427de4f1 100644
> --- a/libavcodec/bonk.c
> +++ b/libavcodec/bonk.c
> @@ -180,6 +180,8 @@ static int intlist_read(BonkContext *s, int *buf, int
> entries, int base_2_part)
>              if (!dominant)
>                  n_zeros += steplet;
>
> +            if (step > INT32_MAX*8LL/9 + 1)
> +                return AVERROR_INVALIDDATA;
>              step += step / 8;
>          } else if (steplet > 0) {
>              int actual_run = read_uint_max(s, steplet - 1);
> --
> 2.17.1

probably ok

>
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel@ffmpeg.org
> https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>
> To unsubscribe, visit link above, or email
> ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
>
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".