mov_probe: fix integer overflows

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Gbp-Pq: Name CVE-2018-11102-1.patch

diff --git a/libavformat/mov.c b/libavformat/mov.c
index b51e41b690cf8a09b2ea7717bc52bfeb4b4b3c36..1089bf2923ca2b361de1babc4c188eb430d5185b 100644 (file)
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -2916,7 +2916,7 @@ static int mov_read_default(MOVContext *c, AVIOContext *pb, MOVAtom atom)
 
 static int mov_probe(AVProbeData *p)
 {
-    unsigned int offset;
+    int64_t offset;
     uint32_t tag;
     int score = 0;