Stowage/ffmpeg
2
0
Fork 0
mirror of https://git.ffmpeg.org/ffmpeg.git synced 2026-02-21 23:00:22 +00:00
Code Issues Projects Releases Packages Wiki Activity

tools/target_dec_fuzzer: Use av_buffer_allocz() to avoid missing slices to have unpredictable content

Browse source 
This matches production code which also zeros these buffers

Fixes: use of uninitialized values
Fixes: 70885/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VP6F_fuzzer-4610946029387776 (and likely others)

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 1b8d95da3a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This commit is contained in:
Michael Niedermayer 2024-08-07 00:18:52 +02:00
parent c07fe9a3eb
commit 18fcdb860d
No known key found for this signature in database
GPG key ID: B18E8928B3948D64
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
tools/target_dec_fuzzer.c
View file

@ -128,7 +128,7 @@ static int fuzz_video_get_buffer(AVCodecContext *ctx, AVFrame *frame)
frame->extended_data = frame->data;
for (i = 0; i < 4 && size[i]; i++) {
frame->buf[i] = av_buffer_alloc(size[i]);
frame->buf[i] = av_buffer_allocz(size[i]);
if (!frame->buf[i])
goto fail;
frame->data[i] = frame->buf[i]->data;