Message ID | 20200908212921.7408-2-michael@niedermayer.cc |
---|---|
State | New |
Series | avcodec/fastaudio: Bugfixes |
Context | Check | Description |
---|---|---|
andriy/default | pending | |
andriy/make | success | Make finished |
andriy/make_fate | success | Make fate finished |
On Tue, Sep 08, 2020 at 11:29:19PM +0200, Michael Niedermayer wrote:
> Fixes: division by 0
> Fixes: 25419/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FASTAUDIO_fuzzer-5632544761184256
> Fixes: 25433/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FASTAUDIO_fuzzer-6215671900536832
>
> Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
> ---
> libavcodec/fastaudio.c | 3 +++
> 1 file changed, 3 insertions(+)
>

This should be in generic path somehow. There are decoders that do not need this check as they store number of channels in bitstream, but there are others that do not, and thus adding this check for each and every one of them is not nice.

On Wed, Sep 09, 2020 at 03:00:51AM +0200, Paul B Mahol wrote:
> On Tue, Sep 08, 2020 at 11:29:19PM +0200, Michael Niedermayer wrote:
> > Fixes: division by 0
> > Fixes: 25419/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FASTAUDIO_fuzzer-5632544761184256
> > Fixes: 25433/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FASTAUDIO_fuzzer-6215671900536832
> >
> > Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
> > ---
> > libavcodec/fastaudio.c | 3 +++
> > 1 file changed, 3 insertions(+)
> >
>
> This should be in generic path somehow. There are decoders that do not need this check
> as they store number of channels in bitstream, but there are others that do not, and thus adding
> this check for each and every one of them is not nice.

Posted an implementation using a different, generic approach, but such generic approach requires all decoders to declare correctly if they store the channel configuration in some header. I suspect not all codecs have this correct yet after the patchset. Maybe you can check if your decoders set the flag correctly. fate and a bunch of files I have all pass, but I do not have input files for all decoders ...

Thanks

[...]

diff --git a/libavcodec/fastaudio.c b/libavcodec/fastaudio.c index de006acd9b..34857d1b88 100644 --- a/libavcodec/fastaudio.c +++ b/libavcodec/fastaudio.c @@ -41,6 +41,9 @@ static av_cold int fastaudio_init(AVCodecContext *avctx) { FastAudioContext *s = avctx->priv_data; + if (avctx->channels <= 0) + return AVERROR_INVALIDDATA; + avctx->sample_fmt = AV_SAMPLE_FMT_FLTP; for (int i = 0; i < 8; i++)
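Review bot: the new `avctx->channels <= 0` guard at the top of fastaudio_init() has no comment naming the later computation it protects, and the divisor itself is not in this hunk, so a reader of the init function cannot tell why a non-positive channel count must be rejected here. A one-line comment above the check pointing at the division by the channel count would keep the guard from being dropped in a later cleanup. The check also sets only a lower bound; if the decoder has a maximum channel count it can handle, it would be worth validating that in the same place. Since the value is read from `avctx` and not parsed from packet data in this function, consider whether `AVERROR(EINVAL)` describes the failure better than `AVERROR_INVALIDDATA`.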
Fixes: division by 0
Fixes: 25419/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FASTAUDIO_fuzzer-5632544761184256
Fixes: 25433/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FASTAUDIO_fuzzer-6215671900536832

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
 libavcodec/fastaudio.c | 3 +++
 1 file changed, 3 insertions(+)