This is an automated email from the git hooks/post-receive script. Git pushed a commit to branch master in repository ffmpeg.
commit 404775a1412d150f2ab79fe3853a2156ddd6c2a0 Author: Michael Niedermayer <[email protected]> AuthorDate: Wed Jan 21 01:38:42 2026 +0100 Commit: michaelni <[email protected]> CommitDate: Fri Jan 23 17:53:33 2026 +0000 swscale/utils: Sanity check sizeFactor Fixes: multiple integer overflows Fixes: out of array access The PoC modifies filter parameters generally inaccessable to an attacker Found-by: Zhenpeng (Leo) Lin from depthfirst Signed-off-by: Michael Niedermayer <[email protected]> --- libswscale/utils.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/libswscale/utils.c b/libswscale/utils.c index 394a683696..24942fe6da 100644 --- a/libswscale/utils.c +++ b/libswscale/utils.c @@ -275,6 +275,11 @@ static av_cold int initFilter(int16_t **outFilter, int32_t **filterPos, sizeFactor = param[0] != SWS_PARAM_DEFAULT ? ceil(2 * param[0]) : 6; av_assert0(sizeFactor > 0); + if (sizeFactor > 50) { + ret = AVERROR(EINVAL); + goto fail; + } + if (xInc <= 1 << 16) filterSize = 1 + sizeFactor; // upscale else _______________________________________________ ffmpeg-cvslog mailing list -- [email protected] To unsubscribe send an email to [email protected]
