This is an automated email from the git hooks/post-receive script. Git pushed a commit to branch release/8.0 in repository ffmpeg.
commit a8cd89512dcfb1d65810654eb2139f03ff038ddb Author: Michael Niedermayer <[email protected]> AuthorDate: Mon May 18 23:37:12 2026 +0200 Commit: Michael Niedermayer <[email protected]> CommitDate: Sun Jun 14 04:58:59 2026 +0200 avformat/flvdec: Check size at the top of the main loop Fixes: signed integer overflow Fixes: ffmpeg_flv_read_packet_libavformat_flvdec.c_1900_26.poc Found-by: iceray-Li Signed-off-by: Michael Niedermayer <[email protected]> (cherry picked from commit cc1459ed8559307bf94326343b7d4fbd64cc7d5e) Signed-off-by: Michael Niedermayer <[email protected]> --- libavformat/flvdec.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/libavformat/flvdec.c b/libavformat/flvdec.c index f8df1350ba..aafce388cc 100644 --- a/libavformat/flvdec.c +++ b/libavformat/flvdec.c @@ -1553,6 +1553,10 @@ skip: for (;;) { int track_size = size; + if (size < 0) { + ret = FFERROR_REDO; + goto leave; + } if (multitrack_type != MultitrackTypeOneTrack) { track_size = avio_rb24(s->pb); _______________________________________________ ffmpeg-cvslog mailing list -- [email protected] To unsubscribe send an email to [email protected]
