projects / ffmpeg.git / commitdiff
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 277384f)
avformat/aviobuf: Keep checksum_ptr consistent in avio_seek()
authorAndreas Rheinhardt <andreas.rheinhardt@outlook.com>
Fri, 11 Jul 2025 20:58:26 +0000 (22:58 +0200)
committerMichael Niedermayer <michael@niedermayer.cc>
Wed, 19 Nov 2025 01:04:57 +0000 (02:04 +0100)
Otherwise it might be > buf_ptr in which case ffio_get_checksum()
could segfault (s->buf_ptr - s->checksum_ptr would be negative
which would be converted to something very big when converted
to unsigned for the update_checksum callback).

Fixes ticket #11233.

Reported-by: Du4t
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
(cherry picked from commit 987c955cd7e972d9940284fa6ae7187ac858ebb1)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
libavformat/aviobuf.c patch | blob | history

diff --git a/libavformat/aviobuf.c b/libavformat/aviobuf.c
index 6a74c1ce68a50459fd1194d240aee9f706a6aa72..9041280e77a9db1db96a00f964c8275cabe83c4a 100644 (file)
--- a/libavformat/aviobuf.c
+++ b/libavformat/aviobuf.c
@@ -308,7 +308,7 @@ int64_t avio_seek(AVIOContext *s, int64_t offset, int whence)
         ctx->seek_count++;
         if (!s->write_flag)
             s->buf_end = s->buffer;
-        s->buf_ptr = s->buf_ptr_max = s->buffer;
+        s->checksum_ptr = s->buf_ptr = s->buf_ptr_max = s->buffer;
         s->pos = offset;
     }
     s->eof_reached = 0;
FFmpeg git repo