From 1ea9e8f693b753db83d521e98ad786d8f7b54874 Mon Sep 17 00:00:00 2001 From: Romain Vimont Date: Thu, 1 Feb 2024 17:27:14 +0100 Subject: [PATCH] Limit buffering time value This avoids unreasonable values which could lead to integer overflow. --- app/src/cli.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/app/src/cli.c b/app/src/cli.c index f7d7e390..b2b02ecd 100644 --- a/app/src/cli.c +++ b/app/src/cli.c @@ -1385,7 +1385,11 @@ parse_max_fps(const char *s, uint16_t *max_fps) { static bool parse_buffering_time(const char *s, sc_tick *tick) { long value; - bool ok = parse_integer_arg(s, &value, false, 0, 0x7FFFFFFF, + // In practice, buffering time should not exceed a few seconds. + // Limit it to some arbitrary value (1 hour) to prevent 32-bit overflow + // when multiplied by the audio sample size and the number of samples per + // millisecond. + bool ok = parse_integer_arg(s, &value, false, 0, 60 * 60 * 1000, "buffering time"); if (!ok) { return false;