This is an automated email from the git hooks/post-receive script. Git pushed a commit to branch release/8.0 in repository ffmpeg.
commit 01c828bac16f85e42753bd597db8245978b3a3ac Author: David Korczynski <[email protected]> AuthorDate: Wed May 20 15:15:01 2026 -0700 Commit: Michael Niedermayer <[email protected]> CommitDate: Sun Jun 14 04:59:12 2026 +0200 avformat/dhav: Fix second integer overflow in get_duration() Fixes: ada-2-poc.dhav Found-by: Claude and Ada Logics. This issue was found by Anthropic from using agents to study security of open source projects, and I am from Ada Logics helping validate the found issues and report to maintainers. (cherry picked from commit 50e65074f5cca638d6dd4cf9db4b6dcf4f0a863e) Signed-off-by: Michael Niedermayer <[email protected]> --- libavformat/dhav.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libavformat/dhav.c b/libavformat/dhav.c index e5eef290b8..e6279ea31a 100644 --- a/libavformat/dhav.c +++ b/libavformat/dhav.c @@ -279,7 +279,7 @@ static int64_t get_duration(AVFormatContext *s) } } - if (pos < buffer_pos || pos + 20 > buffer_pos + buffer_size) + if (pos < buffer_pos || pos - buffer_pos > buffer_size - 20) goto fail; date = AV_RL32(buffer + (pos - buffer_pos) + 16); _______________________________________________ ffmpeg-cvslog mailing list -- [email protected] To unsubscribe send an email to [email protected]
