Message ID | 20210211211715.6234-2-michael@niedermayer.cc |
---|---|
State | New |
Headers | show |
Series | [FFmpeg-devel,1/4] avcodec/pnm_parser: Check av_image_get_buffer_size() for failure | expand |
Context | Check | Description |
---|---|---|
andriy/x86_make | success | Make finished |
andriy/x86_make_fate | success | Make fate finished |
andriy/PPC64_make | success | Make finished |
andriy/PPC64_make_fate | success | Make fate finished |
this is hack
On Thu, Feb 11, 2021 at 10:29:15PM +0100, Paul B Mahol wrote:
> this is hack
what else do you suggest?
thx
[...]
I suggest to write better non-hacky solutions. On Wed, Apr 28, 2021 at 4:33 PM Michael Niedermayer <michael@niedermayer.cc> wrote: > On Thu, Feb 11, 2021 at 10:29:15PM +0100, Paul B Mahol wrote: > > this is hack > > what else do you suggest? > > thx > > [...] > -- > Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB > > Old school: Use the lowest level language in which you can solve the > problem > conveniently. > New school: Use the highest level language in which the latest > supercomputer > can solve the problem without the user falling asleep waiting. > _______________________________________________ > ffmpeg-devel mailing list > ffmpeg-devel@ffmpeg.org > https://ffmpeg.org/mailman/listinfo/ffmpeg-devel > > To unsubscribe, visit link above, or email > ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe". >
On Thu, Apr 29, 2021 at 06:25:06PM +0200, Paul B Mahol wrote: > I suggest to write better non-hacky solutions. can you be more specific ? thx > > On Wed, Apr 28, 2021 at 4:33 PM Michael Niedermayer <michael@niedermayer.cc> > wrote: > > > On Thu, Feb 11, 2021 at 10:29:15PM +0100, Paul B Mahol wrote: > > > this is hack > > > > what else do you suggest? > > > > thx > > > > [...] > > -- > > Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB > > > > Old school: Use the lowest level language in which you can solve the > > problem > > conveniently. > > New school: Use the highest level language in which the latest > > supercomputer > > can solve the problem without the user falling asleep waiting. > > _______________________________________________ > > ffmpeg-devel mailing list > > ffmpeg-devel@ffmpeg.org > > https://ffmpeg.org/mailman/listinfo/ffmpeg-devel > > > > To unsubscribe, visit link above, or email > > ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe". > > > _______________________________________________ > ffmpeg-devel mailing list > ffmpeg-devel@ffmpeg.org > https://ffmpeg.org/mailman/listinfo/ffmpeg-devel > > To unsubscribe, visit link above, or email > ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe". >
diff --git a/libavcodec/mv30.c b/libavcodec/mv30.c index 7ae264e0f0..c92048a179 100644 --- a/libavcodec/mv30.c +++ b/libavcodec/mv30.c @@ -411,6 +411,8 @@ static int decode_intra(AVCodecContext *avctx, GetBitContext *gb, AVFrame *frame mgb = *gb; if (get_bits_left(gb) < s->mode_size * 8) return AVERROR_INVALIDDATA; + if (get_bits_left(&mgb) < (avctx->height + 15)/16 * ((avctx->width + 15)/16) * 12) + return AVERROR_INVALIDDATA; skip_bits_long(gb, s->mode_size * 8);
Fixes: Timeout (>10sec -> instantaneous) Fixes: 30147/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MV30_fuzzer-5549246684200960 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> --- libavcodec/mv30.c | 2 ++ 1 file changed, 2 insertions(+)