| Message ID | 20180627181121.30735-5-michael@niedermayer.cc |
|---|---|
| State | Accepted |
| Commit | 00e8181bd97c834fe60751b0c511d4bb97875f78 |
| Headers | show |
On 6/27/18, Michael Niedermayer <michael@niedermayer.cc> wrote: > Fixes: null pointer dereference > Fixes: ffmpeg_crash_6.avi > > Found-by: Thuan Pham, Marcel Boehme, Andrew Santosa and Alexandru Razvan > Caciulescu with AFLSmart > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> > --- > libavcodec/ac3_parser.c | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) > ok
On Wed, Jun 27, 2018 at 08:36:42PM +0200, Paul B Mahol wrote: > On 6/27/18, Michael Niedermayer <michael@niedermayer.cc> wrote: > > Fixes: null pointer dereference > > Fixes: ffmpeg_crash_6.avi > > > > Found-by: Thuan Pham, Marcel Boehme, Andrew Santosa and Alexandru Razvan > > Caciulescu with AFLSmart > > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> > > --- > > libavcodec/ac3_parser.c | 4 +++- > > 1 file changed, 3 insertions(+), 1 deletion(-) > > > > ok will apply thanks [...]
diff --git a/libavcodec/ac3_parser.c b/libavcodec/ac3_parser.c index f4618bf215..1e203ae6ac 100644 --- a/libavcodec/ac3_parser.c +++ b/libavcodec/ac3_parser.c @@ -162,7 +162,9 @@ int avpriv_ac3_parse_header(AC3HeaderInfo **phdr, const uint8_t *buf, return AVERROR(ENOMEM); hdr = *phdr; - init_get_bits8(&gb, buf, size); + err = init_get_bits8(&gb, buf, size); + if (err < 0) + return AVERROR_INVALIDDATA; err = ff_ac3_parse_header(&gb, hdr); if (err < 0) return AVERROR_INVALIDDATA;
Fixes: null pointer dereference Fixes: ffmpeg_crash_6.avi Found-by: Thuan Pham, Marcel Böhme, Andrew Santosa and Alexandru Razvan Caciulescu with AFLSmart Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> --- libavcodec/ac3_parser.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-)