Stowage/ffmpeg
2
0
Fork 0
mirror of https://git.ffmpeg.org/ffmpeg.git synced 2025-10-19 18:03:17 +00:00
Code Issues Projects Releases Packages Wiki Activity

libavcodec/8bps: Check that line lengths fit within the buffer

Browse source 
Fixes: Timeout
Fixes: undefined pointer arithmetic
Fixes: 50330/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EIGHTBPS_fuzzer-5436287485607936

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2316d5ec1a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This commit is contained in:
Michael Niedermayer 2022-08-22 22:10:09 +02:00
parent d2f7d6a380
commit 2d83c7492d
No known key found for this signature in database
GPG key ID: B18E8928B3948D64
1 changed files with 3 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

3
libavcodec/8bps.c
View file

@ -70,6 +70,9 @@ static int decode_frame(AVCodecContext *avctx, void *data,
unsigned char *planemap = c->planemap; unsigned char *planemap = c->planemap;
int ret; int ret;
if (buf_size < planes * height *2)
return AVERROR_INVALIDDATA;
if ((ret = ff_get_buffer(avctx, frame, 0)) < 0) if ((ret = ff_get_buffer(avctx, frame, 0)) < 0)
return ret; return ret;