Closed
Bug 1230423
Opened 9 years ago
Closed 8 years ago
FFMPEG: signed integer overflow in [@implicit_weight_table]
Categories
(Core :: Audio/Video: Playback, defect, P2)
Tracking
RESOLVED
FIXED
| | Tracking | Status |
|---|---|---|
| firefox45 | --- | affected |
People
(Reporter: tsmith, Assigned: mozbugz)
References
Details
(Keywords: testcase)
Attachments
(2 files)
Found fuzzing ffmpeg commit: 259c71c199e9b4ea89bf4cb90ed0e207ddc9dff7
This is an Undefined behavior sanitizer (UBSan) runtime error. Looks like there are two in this function:
libavcodec/h264_slice.c:786:36: runtime error: signed integer overflow: 2147483647 + 65545 cannot be represented in type 'int'
libavcodec/h264_slice.c:812:46: runtime error: signed integer overflow: -8 - 2147483647 cannot be represented in type 'int'
Run this command with an UBSan build:
$ ./ffmpeg -v 0 -nostats -f h264 -i test_case.264 -f null -
Reporter
Comment 1•9 years ago
Comment 3•8 years ago
Assigning to Gerald to make sure this gets followed-up.
Assignee: nobody → gsquelart
Comment 4•8 years ago
seems I missed or forgot about this one
Should be fixed 7cc01c25727a96eaaa0c177234b626e47c8ea491
does not look security relevant
Flags: needinfo?(michael)
Updated•8 years ago
Priority: P1 → P2
Assignee
Comment 5•8 years ago
As per comment 4, fixed in https://github.com/FFmpeg/FFmpeg/commit/7cc01c25727a96eaaa0c177234b626e47c8ea491
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED