projects / libav.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 1030678)
CVE-2016-2326
authorDebian Multimedia Maintainers <pkg-multimedia-maintainers@lists.alioth.debian.org>
Fri, 17 Jun 2016 23:37:24 +0000 (23:37 +0000)
committerRaspbian forward porter <root@raspbian.org>
Fri, 17 Jun 2016 23:37:24 +0000 (23:37 +0000)
Gbp-Pq: Name CVE-2016-2326.patch

libavformat/asfenc.c patch | blob | history

diff --git a/libavformat/asfenc.c b/libavformat/asfenc.c
index 1cfc857418e91ef421f5387801cc10ef2ab0ad78..d1ab2b7e68a69f5f1ac4c8febc9e0cdbbc72b194 100644 (file)
--- a/libavformat/asfenc.c
+++ b/libavformat/asfenc.c
@@ -800,6 +800,11 @@ static int asf_write_packet(AVFormatContext *s, AVPacket *pkt)
 
     pts = (pkt->pts != AV_NOPTS_VALUE) ? pkt->pts : pkt->dts;
     assert(pts != AV_NOPTS_VALUE);
+    if (   pts < - PREROLL_TIME
+        || pts > (INT_MAX-3)/10000LL * ASF_INDEXED_INTERVAL - PREROLL_TIME) {
+        av_log(s, AV_LOG_ERROR, "input pts %"PRId64" is invalid\n", pts);
+        return AVERROR(EINVAL);
+    }
     duration = pts * 10000;
     asf->duration= FFMAX(asf->duration, duration + pkt->duration * 10000);
 
Unnamed repository; edit this file 'description' to name the repository.