From 3faadbe2a27e74ff5bb5f7904ec27bb1f5287dc8 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michael@niedermayer.cc>
Date: Thu, 18 Jul 2024 21:12:54 +0200
Subject: [PATCH] avcodec/pnmdec: Use 64bit for input size check
References: CVE-2024-7055
References: bsc#1229026
Upstream: Backport from upstream

Fixes: out of array read
Fixes: poc3

Reported-by: VulDB CNA Team
Found-by: CookedMelon
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
 libavcodec/pnmdec.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--- ffmpeg-5.1.4/libavcodec/pnmdec.c
+++ ffmpeg-5.1.4_new/libavcodec/pnmdec.c
@@ -260,7 +260,7 @@
         break;
     case AV_PIX_FMT_GBRPF32:
         if (!s->half) {
-        if (avctx->width * avctx->height * 12 > s->bytestream_end - s->bytestream)
+        if (avctx->width * avctx->height * 12LL > s->bytestream_end - s->bytestream)
             return AVERROR_INVALIDDATA;
         scale = 1.f / s->scale;
         if (s->endian) {