Message ID | 20220225152940.26446-1-michael@niedermayer.cc |
---|---|
State | New |
Series | [FFmpeg-devel] avcodec/h263dec: Check input size before GEOV/GEOX special case handling |
Context | Check | Description |
---|---|---|
yinshiyou/make_loongarch64 | success | Make finished |
yinshiyou/make_fate_loongarch64 | success | Make fate finished |
andriy/make_aarch64_jetson | success | Make finished |
andriy/make_fate_aarch64_jetson | success | Make fate finished |
andriy/make_armv7_RPi4 | success | Make finished |
andriy/make_fate_armv7_RPi4 | success | Make fate finished |
Michael Niedermayer: > Fixes: Timeout > Fixes: 44921/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG4_fuzzer-6546588791603200 > > Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> > --- > libavcodec/h263dec.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/libavcodec/h263dec.c b/libavcodec/h263dec.c > index e940b7f7c7..56a41f6d05 100644 > --- a/libavcodec/h263dec.c > +++ b/libavcodec/h263dec.c > @@ -702,6 +702,7 @@ frame_end: > > if (s->last_picture_ptr || s->low_delay) { > if ( pict->format == AV_PIX_FMT_YUV420P > + && buf_size*16LL > s->mb_num > && (s->codec_tag == AV_RL32("GEOV") || s->codec_tag == AV_RL32("GEOX"))) { > int x, y, p; > av_frame_make_writable(pict); Does https://ffmpeg.org/pipermail/ffmpeg-devel/2022-February/293358.html not fix the timeout? - Andreas
On Fri, Feb 25, 2022 at 09:22:14PM +0100, Andreas Rheinhardt wrote: > Michael Niedermayer: > > Fixes: Timeout > > Fixes: 44921/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG4_fuzzer-6546588791603200 > > > > Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg > > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> > > --- > > libavcodec/h263dec.c | 1 + > > 1 file changed, 1 insertion(+) > > > > diff --git a/libavcodec/h263dec.c b/libavcodec/h263dec.c > > index e940b7f7c7..56a41f6d05 100644 > > --- a/libavcodec/h263dec.c > > +++ b/libavcodec/h263dec.c > > @@ -702,6 +702,7 @@ frame_end: > > > > if (s->last_picture_ptr || s->low_delay) { > > if ( pict->format == AV_PIX_FMT_YUV420P > > + && buf_size*16LL > s->mb_num > > && (s->codec_tag == AV_RL32("GEOV") || s->codec_tag == AV_RL32("GEOX"))) { > > int x, y, p; > > av_frame_make_writable(pict); > > Does https://ffmpeg.org/pipermail/ffmpeg-devel/2022-February/293358.html > not fix the timeout? that should work too and is better, consider my patch withdrawn thx
diff --git a/libavcodec/h263dec.c b/libavcodec/h263dec.c index e940b7f7c7..56a41f6d05 100644 --- a/libavcodec/h263dec.c +++ b/libavcodec/h263dec.c @@ -702,6 +702,7 @@ frame_end: if (s->last_picture_ptr || s->low_delay) { if ( pict->format == AV_PIX_FMT_YUV420P + && buf_size*16LL > s->mb_num && (s->codec_tag == AV_RL32("GEOV") || s->codec_tag == AV_RL32("GEOX"))) { int x, y, p; av_frame_make_writable(pict);
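Review bot: the added condition `&& buf_size*16LL > s->mb_num` is an undocumented magic ratio; a comment on that line saying what the 16 stands for (the assumed minimum of input bytes per 16 macroblocks, or however it was derived) and why it is a safe lower bound for a frame the decoder could legitimately have produced would let the next reader tell a tuning constant from a spec-derived limit. The `16LL` does keep the multiplication in 64-bit so a large `buf_size` cannot overflow `int`, but the check only gates the GEOV/GEOX post-processing block (`int x, y, p; av_frame_make_writable(pict);` and the loop that follows), so an input that just clears the ratio still runs the full per-pixel pass; that matches the thread's conclusion that the patch at https://ffmpeg.org/pipermail/ffmpeg-devel/2022-February/293358.html addresses the timeout more directly and that this one was withdrawn. If a size heuristic is kept, placing it after the `s->codec_tag == AV_RL32("GEOV") || ... "GEOX"` test would also make clear that it is specific to that special case rather than to every YUV420P frame.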
Fixes: Timeout
Fixes: 44921/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG4_fuzzer-6546588791603200

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
libavcodec/h263dec.c | 1 +
1 file changed, 1 insertion(+)