libavformat/mov: limit nb_frames_for_fps to INT_MAX

It's this or add overflow detection in mov_read_header(). Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

libavformat/mov: limit nb_frames_for_fps to INT_MAX
It's this or add overflow detection in mov_read_header(). Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
22c820f5 · Dan Sanders · Michael Niedermayer · 4a69b182 · 22c820f5
Commit 22c820f5 authored Apr 22, 2019 by Dan Sanders Committed by Michael Niedermayer Apr 23, 2019
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

mov.c libavformat/mov.c +2 -2

No files found.
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -2940,7 +2940,7 @@ static int mov_read_stts(MOVContext *c, AVIOContext *pb, MOVAtom atom)
    if (duration > 0 &&
        duration <= INT64_MAX - sc->duration_for_fps &&
-        total_sample_count <= INT64_MAX - sc->nb_frames_for_fps
+        total_sample_count <= INT_MAX - sc->nb_frames_for_fps
    ) {
        sc->duration_for_fps  += duration;
        sc->nb_frames_for_fps += total_sample_count;
@@ -4897,7 +4897,7 @@ static int mov_read_trun(MOVContext *c, AVIOContext *pb, MOVAtom atom)
        sc->data_size += sample_size;
        if (sample_duration <= INT64_MAX - sc->duration_for_fps &&
-            1 <= INT64_MAX - sc->nb_frames_for_fps
+            1 <= INT_MAX - sc->nb_frames_for_fps
        ) {
            sc->duration_for_fps += sample_duration;
            sc->nb_frames_for_fps ++;