Commit 64b7e7dc authored by Xi Wang's avatar Xi Wang Committed by Michael Niedermayer

cafdec: fix overflow checking in read_header()

Several compilers such as clang/icc/pathscale will optimize the check
pos + size < pos (assuming size > 0) into false, since signed integer
overflow is undefined behavior in C.  This breaks overflow checking.
Use a safe precondition check instead.
Signed-off-by: 's avatarXi Wang <xi.wang@gmail.com>
Signed-off-by: 's avatarMichael Niedermayer <michaelni@gmx.at>
parent 3317414f
...@@ -300,7 +300,7 @@ static int read_header(AVFormatContext *s) ...@@ -300,7 +300,7 @@ static int read_header(AVFormatContext *s)
} }
if (size > 0) { if (size > 0) {
if (pos + size < pos) if (pos > INT64_MAX - size)
return AVERROR_INVALIDDATA; return AVERROR_INVALIDDATA;
avio_skip(pb, FFMAX(0, pos + size - avio_tell(pb))); avio_skip(pb, FFMAX(0, pos + size - avio_tell(pb)));
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment