avcodec/dvdsub_parser: Fix buf_size check

Fixes: signed integer overflow
Fixes: out of array access
Fixes: dvdsub_int_overflow_mixed_ps.mpg

Found-by: Quang Luong of Calif.io in collaboration with OpenAI Codex
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer
2026-03-22 00:33:26 +00:00
committed by michaelni
parent 9d97771bc6
commit 1bde76da89
+1 -1
@@ -60,7 +60,7 @@ static int dvdsub_parse(AVCodecParserContext *s,
pc->packet = av_malloc(pc->packet_len + AV_INPUT_BUFFER_PADDING_SIZE);
}
if (pc->packet) {
if (pc->packet_index + buf_size <= pc->packet_len) {
if (buf_size <= pc->packet_len - pc->packet_index) {
memcpy(pc->packet + pc->packet_index, buf, buf_size);
pc->packet_index += buf_size;
if (pc->packet_index >= pc->packet_len) {
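Review bot: The rewritten condition `buf_size <= pc->packet_len - pc->packet_index` is only overflow-free and correct while `0 <= pc->packet_index <= pc->packet_len` holds, and that invariant is not stated anywhere in the visible lines. The subtraction form removes the signed overflow in `pc->packet_index + buf_size`, but a negative `buf_size` would still pass this comparison and reach `memcpy` as a huge length, so it would help to either document that callers never pass a negative `buf_size` or reject it explicitly before the check. A one-line comment above the condition naming the invariant (or an `av_assert1(pc->packet_index <= pc->packet_len)`) would make the reasoning reviewable without reading the rest of the function. It would also be worth adding the referenced sample `dvdsub_int_overflow_mixed_ps.mpg` as a regression test if it can be distributed.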