From 816a42c4f0913c8a316fec290075d8da336639ad Mon Sep 17 00:00:00 2001
From: Maks Maltsev <malt1640@ya.ru>
Date: Tue, 7 Oct 2025 17:35:08 +0300
Subject: [PATCH] fix potential integer overflow

Multiplication of two `uint32_t` might overflow before it is widened to `uint64_t`
---
 src/http/modules/ngx_http_mp4_module.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/http/modules/ngx_http_mp4_module.c b/src/http/modules/ngx_http_mp4_module.c
index b7bd192df..d27d6219e 100644
--- a/src/http/modules/ngx_http_mp4_module.c
+++ b/src/http/modules/ngx_http_mp4_module.c
@@ -2460,7 +2460,7 @@ found:
         start_sample -= key_prefix;
 
         while (rest < key_prefix) {
-            trak->prefix += rest * duration;
+            trak->prefix += (uint64_t) rest * duration;
             key_prefix -= rest;
 
             entry--;
@@ -2471,7 +2471,7 @@ found:
             rest = count;
         }
 
-        trak->prefix += key_prefix * duration;
+        trak->prefix += (uint64_t) key_prefix * duration;
         trak->duration += trak->prefix;
         rest -= key_prefix;