oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

libass ass_outline.c signed integer overflow

From: Fstark <f734222792 () gmail com>
Date: Tue, 29 Sep 2020 08:19:19 +0800
In `ass_outline_construct`'s call to `outline_stroke` a signed integer
overflow happens *(undefined behaviour)*. On my machine signed overflow
happens to wrap around to a negative value, thus failing the assert.
https://github.com/libass/libass/issues/431

https://github.com/libass/libass/pull/432
Previous By Date Next
Previous By Thread Next

Current thread: