cafdec: fix overflow checking in read_header()

Several compilers such as clang/icc/pathscale will optimize the check pos + size < pos (assuming size > 0) into false, since signed integer overflow is undefined behavior in C. This breaks overflow checking. Use a safe precondition check instead. Signed-off-by: Xi Wang <xi.wang@gmail.com> Signed-off-by: Michael Niedermayer <michaelni@gmx.at>

cafdec: fix overflow checking in read_header()
Several compilers such as clang/icc/pathscale will optimize the check pos + size < pos (assuming size > 0) into false, since signed integer overflow is undefined behavior in C. This breaks overflow checking. Use a safe precondition check instead. Signed-off-by: Xi Wang <xi.wang@gmail.com> Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
64b7e7dc · Xi Wang · Michael Niedermayer · 3317414f · 64b7e7dc
Commit 64b7e7dc authored Jan 20, 2013 by Xi Wang Committed by Michael Niedermayer Jan 20, 2013
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

cafdec.c libavformat/cafdec.c +1 -1

No files found.
--- a/libavformat/cafdec.c
+++ b/libavformat/cafdec.c
@@ -300,7 +300,7 @@ static int read_header(AVFormatContext *s)
        }

        if (size > 0) {
-            if (pos + size < pos)
+            if (pos > INT64_MAX - size)
                return AVERROR_INVALIDDATA;
            avio_skip(pb, FFMAX(0, pos + size - avio_tell(pb)));
        }