Commit d73f0c58 authored by Michael Niedermayer's avatar Michael Niedermayer

avformat/asfenc: Flush packet before duration becomes unrepresentable

Fixes: 0063df8be3aaa30dd6d76f59c8f818c8/signal_sigsegv_7b7b59_3634_bf418b6822bbfa68734411d96b667be3.mov
Fixes assertion failure

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: 's avatarMichael Niedermayer <michael@niedermayer.cc>
parent 782c4ab4
...@@ -862,6 +862,11 @@ static void put_frame(AVFormatContext *s, ASFStream *stream, AVStream *avst, ...@@ -862,6 +862,11 @@ static void put_frame(AVFormatContext *s, ASFStream *stream, AVStream *avst,
flush_packet(s); flush_packet(s);
continue; continue;
} }
if (asf->packet_timestamp_start > INT64_MAX - UINT16_MAX ||
timestamp > asf->packet_timestamp_start + UINT16_MAX) {
flush_packet(s);
continue;
}
} }
if (frag_len1 > 0) { if (frag_len1 > 0) {
if (payload_len > frag_len1) if (payload_len > frag_len1)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment