packetizer: flac: avoid integer overflow

Fixes #29010 Fixes https://issues.oss-fuzz.com/issues/42503720 found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/vlc
1 year ago · d0100b92ac
1 changed files with 4 additions and 0 deletions
--- a/modules/packetizer/flac.h
+++ b/modules/packetizer/flac.h
@ -245,6 +245,10 @@ static inline int FLAC_ParseSyncInfo(const uint8_t *p_buf, unsigned i_buf,
    if (i_fsnumber == UINT64_MAX)
        return 0;

+    /* Invalid Sample/Frame number */
+    if (stream_info->total_samples != 0 && i_fsnumber > stream_info->total_samples)
+        return 0;
+
    i_header += i_read;

    /* Read blocksize */