# Vulnerability Summary ## Vulnerability Overview - **Vulnerability Type**: Integer Overflow - **Description**: An integer overflow issue exists in the files `src/isomedia/box_code_base.c` and `src/isomedia/isom_intern.c`, which may lead to program crashes or security vulnerabilities. ## Scope of Impact - **Affected Files**: - `src/isomedia/box_code_base.c` - `src/isomedia/isom_intern.c` - **Specific Locations**: - `GF_ExtendedLanguageBox` function in `box_code_base.c` - `GetMediaTime` function in `isom_intern.c` ## Remediation - **Fix Details**: - In `box_code_base.c`, a check was added for `ptr->size` to ensure it does not exceed `GF_UINT_MAX`, preventing integer overflow. - In `isom_intern.c`, checks were added for `mediaTime` and `mediaTime_increment` to ensure they do not exceed `GF_INT64_MAX`, preventing integer overflow. ### Fix Code #### `src/isomedia/box_code_base.c` ```c if (ptr->size > GF_UINT_MAX) { return GF_ISOM_INVALID_FILE; } ``` #### `src/isomedia/isom_intern.c` ```c if (ent->mediaTime > GF_INT64_MAX - mediaTime_increment) { return GF_ISOM_INVALID_FILE; } ``` ## Notes - This fix was submitted by `aureliendavid` three weeks ago. - It resolves issues #3515 and #3516.