avcodec/aom_film_grain: avoid duplicate indexes in ff_aom_parse_film_grain_sets()

Fixes: use after free Fixes: 478301106/clusterfuzz-testcase-minimized-ffmpeg_dem_HEVC_fuzzer-6155792247226368 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit ebb6ac1bc7) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2026-06-15 03:50:31 +00:00 · 2026-02-06 03:27:20 +01:00 · 2026-02-06 03:27:20 +01:00 · 9909d4e88c
commit 9909d4e88c
parent ed9d8dd74b
1 changed files with 2 additions and 1 deletions
--- a/libavcodec/aom_film_grain.c
+++ b/libavcodec/aom_film_grain.c
@ -152,8 +152,9 @@ int ff_aom_parse_film_grain_sets(AVFilmGrainAFGS1Params *s,
        payload_4byte = get_bits1(gb);
        payload_size = get_bits(gb, payload_4byte ? 2 : 8);
        set_idx = get_bits(gb, 3);
+
        fgp = av_film_grain_params_alloc(&fgp_size);
-        if (!fgp)
+        if (!fgp || s->sets[set_idx])
            goto error;
        aom = &fgp->codec.aom;