Steve Lhomme pushed to branch master at VideoLAN / VLC
Commits:
1c4e8b0e by François Cartegnie at 2026-01-07T06:10:26+00:00
Revert "demux: subtitle: fix potential integer overflow in SubRip timings"
This reverts commit 2c7789176ce38d4435928fd46a76003a5ce2baaa.
- - - - -
9d682d7e by François Cartegnie at 2026-01-07T06:10:26+00:00
Revert "demux: subtitle: checked the parsed strings have usable values"
This reverts commit 751508b85c43313fc262f5274871e9cc1c7a9ec3.
- - - - -
2ef92b2a by François Cartegnie at 2026-01-07T06:10:26+00:00
demux: subtitle: add HMS helper to avoid int overflows
- - - - -
1 changed file:
- modules/demux/subtitle.c
Changes:
=====================================
modules/demux/subtitle.c
=====================================
@@ -40,7 +40,6 @@
#include <ctype.h>
#include <math.h>
#include <assert.h>
-#include <stdckdint.h>
#include <vlc_demux.h>
#include <vlc_charset.h>
@@ -242,6 +241,11 @@ static int Control( demux_t *, int, va_list );
static void Fix( demux_t * );
static char *get_language_from_url(const char *);
+static vlc_tick_t vlc_tick_from_HMS( int h, int m, int s )
+{
+ return vlc_tick_from_sec(h * INT64_C(3600) + m * INT64_C(60) + s);
+}
+
/*****************************************************************************
* Decoder format output function
*****************************************************************************/
@@ -1138,7 +1142,6 @@ static int subtitle_ParseSubRipTimingValue(vlc_tick_t
*timing_value,
const char *s, size_t length)
{
int h1, m1, s1, d1 = 0;
- int64_t sec, ms, total;
int count;
if (sscanf(s, "%d:%d:%d,%d%n", &h1, &m1, &s1, &d1, &count) == 4
@@ -1157,14 +1160,8 @@ static int subtitle_ParseSubRipTimingValue(vlc_tick_t
*timing_value,
return VLC_EGENERIC;
success:
- if (ckd_mul(&sec, h1, 3600) ||
- ckd_mul(&ms, m1, 60) ||
- ckd_add(&total, sec, ms) ||
- ckd_add(&total, total, s1))
- return VLC_EINVAL;
-
(*timing_value) = VLC_TICK_0
- + vlc_tick_from_sec(total)
+ + vlc_tick_from_HMS(h1, m1, s1)
+ VLC_TICK_FROM_MS(d1);
return VLC_SUCCESS;
@@ -1213,23 +1210,10 @@ static int subtitle_ParseSubViewerTiming( subtitle_t
*p_subtitle,
&h1, &m1, &s1, &d1, &h2, &m2, &s2, &d2) != 8 )
return VLC_EGENERIC;
- int64_t sec, ms, total;
- if (ckd_mul(&sec, h1, 3600) ||
- ckd_mul(&ms, m1, 60) ||
- ckd_add(&total, sec, ms) ||
- ckd_add(&total, total, s1))
- return VLC_EINVAL;
-
- p_subtitle->i_start = vlc_tick_from_sec( total ) +
+ p_subtitle->i_start = vlc_tick_from_HMS( h1, m1, s1 ) +
VLC_TICK_FROM_MS( d1 ) + VLC_TICK_0;
- if (ckd_mul(&sec, h2, 3600) ||
- ckd_mul(&ms, m2, 60) ||
- ckd_add(&total, sec, ms) ||
- ckd_add(&total, total, s2))
- return VLC_EINVAL;
-
- p_subtitle->i_stop = vlc_tick_from_sec( total ) +
+ p_subtitle->i_stop = vlc_tick_from_HMS( h2, m2, s2 ) +
VLC_TICK_FROM_MS( d2 ) + VLC_TICK_0;
return VLC_SUCCESS;
}
@@ -1326,9 +1310,9 @@ static int ParseSSA( vlc_object_t *p_obj,
subs_properties_t *p_props,
psz_text = psz_temp;
}
- p_subtitle->i_start = vlc_tick_from_sec( h1 * 3600 + m1 * 60 + s1
) +
+ p_subtitle->i_start = vlc_tick_from_HMS( h1, m1, s1 ) +
VLC_TICK_FROM_MS( c1 * 10 ) + VLC_TICK_0;
- p_subtitle->i_stop = vlc_tick_from_sec( h2 * 3600 + m2 * 60 + s2
) +
+ p_subtitle->i_stop = vlc_tick_from_HMS( h2, m2, s2 ) +
VLC_TICK_FROM_MS( c2 * 10 ) + VLC_TICK_0;
p_subtitle->psz_text = psz_text;
return VLC_SUCCESS;
@@ -1378,7 +1362,7 @@ static int ParseVplayer( vlc_object_t *p_obj,
subs_properties_t *p_props,
if( sscanf( s, "%d:%d:%d%*c%[^\r\n]",
&h1, &m1, &s1, psz_text ) == 4 )
{
- p_subtitle->i_start = VLC_TICK_0 + vlc_tick_from_sec( h1 * 3600 +
m1 * 60 + s1 );
+ p_subtitle->i_start = VLC_TICK_0 + vlc_tick_from_HMS( h1, m1, s1 );
p_subtitle->i_stop = -1;
break;
}
@@ -1539,7 +1523,7 @@ static int ParseDVDSubtitle(vlc_object_t *p_obj,
subs_properties_t *p_props,
"{T %d:%d:%d:%d",
&h1, &m1, &s1, &c1 ) == 4 )
{
- p_subtitle->i_start = vlc_tick_from_sec( h1 * 3600 + m1 * 60 + s1
) +
+ p_subtitle->i_start = vlc_tick_from_HMS( h1, m1, s1 ) +
VLC_TICK_FROM_MS( c1 * 10 ) + VLC_TICK_0;
p_subtitle->i_stop = -1;
break;
@@ -1720,8 +1704,8 @@ static int ParsePJS(vlc_object_t *p_obj,
subs_properties_t *p_props,
if( sscanf (s, "%d,%d,\"%[^\n\r]", &t1, &t2, psz_text ) == 3 )
{
/* 1/10th of second ? Frame based ? FIXME */
- p_subtitle->i_start = VLC_TICK_0 + 10 * t1;
- p_subtitle->i_stop = VLC_TICK_0 + 10 * t2;
+ p_subtitle->i_start = VLC_TICK_0 + INT64_C(10) * t1;
+ p_subtitle->i_stop = VLC_TICK_0 + INT64_C(10) * t2;
/* Remove latest " */
psz_text[ strlen(psz_text) - 1 ] = '\0';
@@ -1866,10 +1850,10 @@ static int ParseJSS( vlc_object_t *p_obj,
subs_properties_t *p_props,
if( sscanf( s, "%d:%d:%d.%d %d:%d:%d.%d %[^\n\r]",
&h1, &m1, &s1, &f1, &h2, &m2, &s2, &f2, psz_text ) == 9 )
{
- p_subtitle->i_start = VLC_TICK_0 + vlc_tick_from_sec( ( h1 *3600 +
m1 * 60 + s1 ) +
- (int64_t)( ( f1 + p_props->jss.i_time_shift ) /
p_props->jss.i_time_resolution ) );
- p_subtitle->i_stop = VLC_TICK_0 + vlc_tick_from_sec( ( h2 *3600 +
m2 * 60 + s2 ) +
- (int64_t)( ( f2 + p_props->jss.i_time_shift ) /
p_props->jss.i_time_resolution ) );
+ p_subtitle->i_start = VLC_TICK_0 + vlc_tick_from_HMS( h1, m1, s1 )
+
+ vlc_tick_from_sec( ( f1 + p_props->jss.i_time_shift ) /
p_props->jss.i_time_resolution );
+ p_subtitle->i_stop = VLC_TICK_0 + vlc_tick_from_HMS( h2, m2, s2 ) +
+ vlc_tick_from_sec( ( f2 + p_props->jss.i_time_shift ) /
p_props->jss.i_time_resolution );
break;
}
/* Short time lines */
@@ -1927,7 +1911,7 @@ static int ParseJSS( vlc_object_t *p_obj,
subs_properties_t *p_props,
sscanf( &psz_text[shift], "%d.%d", &sec, &f);
sec *= inv;
}
- p_props->jss.i_time_shift = ( ( h * 3600 + m * 60 + sec )
+ p_props->jss.i_time_shift = ( ( h * INT64_C(3600) + m *
INT64_C(60) + sec )
* p_props->jss.i_time_resolution + f ) * inv;
}
break;
@@ -2103,8 +2087,8 @@ static int ParsePSB( vlc_object_t *p_obj,
subs_properties_t *p_props,
if( sscanf( s, "{%d:%d:%d}{%d:%d:%d}%[^\r\n]",
&h1, &m1, &s1, &h2, &m2, &s2, psz_text ) == 7 )
{
- p_subtitle->i_start = VLC_TICK_0 + vlc_tick_from_sec( h1 * 3600 +
m1 * 60 + s1 );
- p_subtitle->i_stop = VLC_TICK_0 + vlc_tick_from_sec( h2 * 3600 +
m2 * 60 + s2 );
+ p_subtitle->i_start = VLC_TICK_0 + vlc_tick_from_HMS( h1, m1, s1 );
+ p_subtitle->i_stop = VLC_TICK_0 + vlc_tick_from_HMS( h2, m2, s2 );
break;
}
free( psz_text );
@@ -2126,12 +2110,12 @@ static vlc_tick_t ParseRealTime( const char *psz )
int h, m, s, f;
if( sscanf( psz, "%d:%d:%d.%d", &h, &m, &s, &f ) == 4 )
{
- return vlc_tick_from_sec((( h * 60 + m ) * 60 ) + s )
+ return vlc_tick_from_HMS( h, m, s )
+ VLC_TICK_FROM_MS(f * 10) + VLC_TICK_0;
}
if( sscanf( psz, "%d:%d.%d", &m, &s, &f ) == 3 )
{
- return vlc_tick_from_sec(( m * 60 ) + s )
+ return vlc_tick_from_HMS( 0, m, s )
+ VLC_TICK_FROM_MS(f * 10) + VLC_TICK_0;
}
if( sscanf( psz, "%d.%d", &s, &f ) == 2 )
@@ -2141,7 +2125,7 @@ static vlc_tick_t ParseRealTime( const char *psz )
}
if( sscanf( psz, "%d:%d", &m, &s ) == 2 )
{
- return vlc_tick_from_sec(( m * 60 ) + s )
+ return vlc_tick_from_HMS( 0, m, s )
+ VLC_TICK_0;
}
if( sscanf( psz, "%d", &s ) == 1 )
@@ -2274,7 +2258,7 @@ static int ParseDKS( vlc_object_t *p_obj,
subs_properties_t *p_props,
if( sscanf( s, "[%d:%d:%d]%[^\r\n]",
&h1, &m1, &s1, psz_text ) == 4 )
{
- p_subtitle->i_start = VLC_TICK_0 + vlc_tick_from_sec( h1 * 3600 +
m1 * 60 + s1 );
+ p_subtitle->i_start = VLC_TICK_0 + vlc_tick_from_HMS( h1, m1, s1 );
s = TextGetLine( txt );
if( !s )
@@ -2284,7 +2268,7 @@ static int ParseDKS( vlc_object_t *p_obj,
subs_properties_t *p_props,
}
if( sscanf( s, "[%d:%d:%d]", &h2, &m2, &s2 ) == 3 )
- p_subtitle->i_stop = vlc_tick_from_sec(h2 * 3600 + m2 * 60 +
s2 );
+ p_subtitle->i_stop = vlc_tick_from_HMS( h2, m2, s2 );
else
p_subtitle->i_stop = -1;
break;
@@ -2323,7 +2307,7 @@ static int ParseSubViewer1( vlc_object_t *p_obj,
subs_properties_t *p_props,
if( sscanf( s, "[%d:%d:%d]", &h1, &m1, &s1 ) == 3 )
{
- p_subtitle->i_start = VLC_TICK_0 + vlc_tick_from_sec( h1 * 3600 +
m1 * 60 + s1 );
+ p_subtitle->i_start = VLC_TICK_0 + vlc_tick_from_HMS( h1, m1, s1 );
s = TextGetLine( txt );
if( !s )
@@ -2341,7 +2325,7 @@ static int ParseSubViewer1( vlc_object_t *p_obj,
subs_properties_t *p_props,
}
if( sscanf( s, "[%d:%d:%d]", &h2, &m2, &s2 ) == 3 )
- p_subtitle->i_stop = vlc_tick_from_sec( h2 * 3600 + m2 * 60 +
s2 );
+ p_subtitle->i_stop = vlc_tick_from_HMS( h2, m2, s2 );
else
p_subtitle->i_stop = -1;
@@ -2375,10 +2359,10 @@ static int ParseCommonSBV( vlc_object_t *p_obj,
subs_properties_t *p_props,
&h1, &m1, &s1, &d1,
&h2, &m2, &s2, &d2 ) == 8 )
{
- p_subtitle->i_start = vlc_tick_from_sec( h1 * 3600 + m1 * 60 + s1
) +
+ p_subtitle->i_start = vlc_tick_from_HMS( h1, m1, s1 ) +
VLC_TICK_FROM_MS( d1 ) + VLC_TICK_0;
- p_subtitle->i_stop = vlc_tick_from_sec( h2 * 3600 + m2 * 60 + s2
) +
+ p_subtitle->i_stop = vlc_tick_from_HMS( h2, m2, s2 ) +
VLC_TICK_FROM_MS( d2 ) + VLC_TICK_0;
if( p_subtitle->i_start < p_subtitle->i_stop )
break;
@@ -2461,7 +2445,7 @@ static int ParseSCC( vlc_object_t *p_obj,
subs_properties_t *p_props,
continue;
/* convert everything to seconds */
- uint64_t i_frames = h * 3600 + m * 60 + s;
+ int64_t i_frames = h * INT64_C(3600) + m * INT64_C(60) + s;
if( c == ';' && p_rate->b_drop_allowed ) /* dropframe */
{
View it on GitLab:
https://code.videolan.org/videolan/vlc/-/compare/ace499bad067b3aed23dd1a02e3b6c61b929526b...2ef92b2aefcab1b4aa14a8a54d7321b6e2ac60ac
--
View it on GitLab:
https://code.videolan.org/videolan/vlc/-/compare/ace499bad067b3aed23dd1a02e3b6c61b929526b...2ef92b2aefcab1b4aa14a8a54d7321b6e2ac60ac
You're receiving this email because of your account on code.videolan.org.
VideoLAN code repository instance_______________________________________________
vlc-commits mailing list
[email protected]
https://mailman.videolan.org/listinfo/vlc-commits
