Opened 5 years ago
Closed 5 years ago
#8153 closed defect (fixed)
signed integer overflow and invalid left shift in libavcodec/ttaenc.c
Reported by: | Suhwan | Owned by: | |
---|---|---|---|
Priority: | normal | Component: | avcodec |
Version: | git-master | Keywords: | ubsan |
Cc: | Blocked By: | ||
Blocking: | Reproduced by developer: | no | |
Analyzed by developer: | no |
Description
Summary of the bug:
There're signed integer overflow bug and invalid left shift in libavcodec/ttaenc.c
libavcodec/ttaenc.c:167:45: runtime error: left shift of 1 by 31 places cannot be represented in type 'int' SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior libavcodec/ttaenc.c:167:45 in libavcodec/ttaenc.c:167:55: runtime error: signed integer overflow: -2147483648 - 1 cannot be represented in type 'int' SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior libavcodec/ttaenc.c:167:55 in
How to reproduce:
% ./ffmpeg_g -t 0 -stream_loop 17 -y -r 55 -i ting-dualchannel44.1.wav -map 0 -ab 687k -ac 22 -b:v 854k output/tmp.tta ffmpeg version N-94887-ge55018ee11 (git master) built on ubuntu 18.04 with clang-6 and UBSAN option.
Attachments (2)
Change History (3)
by , 5 years ago
Attachment: | ting-dualchannel44.1.wav added |
---|
by , 5 years ago
Attachment: | gdb-ttaenc added |
---|
comment:1 by , 5 years ago
Component: | undetermined → avcodec |
---|---|
Resolution: | → fixed |
Status: | new → closed |
Fixed in 3ab488a5407f833ecc66e8fa4c537dc4852db720.
Note:
See TracTickets
for help on using tickets.
poc