| commit | 1b902022e4e8344fa1bebe63e68fbf5a073482d8 | [log] [tgz] |
|---|---|---|
| author | Maxim Dounin <mdounin@mdounin.ru> | Tue Jun 07 21:58:52 2022 +0300 |
| committer | Maxim Dounin <mdounin@mdounin.ru> | Tue Jun 07 21:58:52 2022 +0300 |
| tree | c7312f07d2d6fe3e055dfd815e1f61f68843dc7f | |
| parent | 65d275a46c7e8b83ba606ed18fd620f330a0b97a [diff] |
Mp4: fixed potential overflow in ngx_http_mp4_crop_stts_data(). Both "count" and "duration" variables are 32-bit, so their product might potentially overflow. It is used to reduce 64-bit start_time variable, and with very large start_time this can result in incorrect seeking. Found by Coverity (CID 1499904).