[oss-fuzz 4825292251398144] Integer-overflow · webvtt_scan_time

Ref:

• https://oss-fuzz.com/testcase-detail/4825292251398144
• https://oss-fuzz.com/testcase-detail/6285226361028608

xeon ~/work/git/vlc/build-ubsan $ UBSAN_OPTIONS=print_stacktrace=1:halt_on_error=1:exitcode=42 ./test/vlc-demux-dec-run /home/tom/Downloads/clusterfuzz-testcase-vlc-demux-dec-libfuzzer-4825292251398144 
../../modules/codec/webvtt/webvtt.c:95:12: runtime error: signed integer overflow: -1802339103 * 3600 cannot be represented in type 'int'
    #0 0x7f0fbc2133b4 in MakeTime ../../modules/codec/webvtt/webvtt.c:95
    #1 0x7f0fbc213c59 in webvtt_scan_time ../../modules/codec/webvtt/webvtt.c:112
    #2 0x7f0fbc214146 in webvtt_text_parser_Feed ../../modules/codec/webvtt/webvtt.c:251
    #3 0x7f0fbc2195f7 in ReadWEBVTT ../../modules/demux/webvtt.c:395
    #4 0x7f0fbc219b54 in webvtt_OpenDemux ../../modules/demux/webvtt.c:663
    #5 0x7f0fbe41b06f in demux_Probe ../../src/input/demux.c:112
    #6 0x7f0fbe3bde4f in vlc_module_load ../../src/modules/modules.c:230
    #7 0x7f0fbe41bdc3 in demux_NewAdvanced ../../src/input/demux.c:196
    #8 0x7f0fbe41c20c in demux_New ../../src/input/demux.c:77
    #9 0x55a68967a354 in demux_process_stream ../../test/src/input/demux-run.c:300
    #10 0x55a68967a5a5 in vlc_demux_process_url ../../test/src/input/demux-run.c:354
    #11 0x55a68967a648 in vlc_demux_process_path ../../test/src/input/demux-run.c:368
    #12 0x55a689679453 in main ../../test/vlc-demux-run.c:50
    #13 0x7f0fbd833ca7 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
    #14 0x7f0fbd833d64 in __libc_start_main_impl ../csu/libc-start.c:360
    #15 0x55a6896792e0 in _start (/home/tom/work/git/vlc/build-ubsan/test/vlc-demux-dec-run+0x32e0) (BuildId: 34e33452c37c84ba30e70197ed5977f9fba41c16)

Samples:

• clusterfuzz-testcase-vlc-demux-dec-libfuzzer-4825292251398144
• clusterfuzz-testcase-vlc-demux-dec-libfuzzer-webvtt-6285226361028608