Message ID | 20171125183046.17280-1-michael@niedermayer.cc |
---|---|
State | New |
Headers | show |
On 11/25/2017 3:30 PM, Michael Niedermayer wrote: > Fixes: chromium-773637/clusterfuzz-testcase-minimized-6418078673141760 > > Found-by: ossfuzz/chromium > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> > --- > libavformat/aacdec.c | 8 +++++++- > 1 file changed, 7 insertions(+), 1 deletion(-) > > diff --git a/libavformat/aacdec.c b/libavformat/aacdec.c > index 364b33404f..101e8dbea5 100644 > --- a/libavformat/aacdec.c > +++ b/libavformat/aacdec.c > @@ -139,7 +139,13 @@ static int adts_aac_read_packet(AVFormatContext *s, AVPacket *pkt) > return AVERROR_INVALIDDATA; > } > > - return av_append_packet(s->pb, pkt, fsize - ADTS_HEADER_SIZE); > + ret = av_append_packet(s->pb, pkt, fsize - ADTS_HEADER_SIZE); > + if (ret < 0) { > + av_packet_unref(pkt); > + return AVERROR_INVALIDDATA; Why not just let the line below return ret? > + } > + > + return ret; > } > > AVInputFormat ff_aac_demuxer = { > LGTM either way.
On Sat, Nov 25, 2017 at 03:42:16PM -0300, James Almer wrote: > On 11/25/2017 3:30 PM, Michael Niedermayer wrote: > > Fixes: chromium-773637/clusterfuzz-testcase-minimized-6418078673141760 > > > > Found-by: ossfuzz/chromium > > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> > > --- > > libavformat/aacdec.c | 8 +++++++- > > 1 file changed, 7 insertions(+), 1 deletion(-) > > > > diff --git a/libavformat/aacdec.c b/libavformat/aacdec.c > > index 364b33404f..101e8dbea5 100644 > > --- a/libavformat/aacdec.c > > +++ b/libavformat/aacdec.c > > @@ -139,7 +139,13 @@ static int adts_aac_read_packet(AVFormatContext *s, AVPacket *pkt) > > return AVERROR_INVALIDDATA; > > } > > > > - return av_append_packet(s->pb, pkt, fsize - ADTS_HEADER_SIZE); > > + ret = av_append_packet(s->pb, pkt, fsize - ADTS_HEADER_SIZE); > > + if (ret < 0) { > > + av_packet_unref(pkt); > > + return AVERROR_INVALIDDATA; > > Why not just let the line below return ret? will change > > > + } > > + > > + return ret; > > } > > > > AVInputFormat ff_aac_demuxer = { > > > > LGTM either way. will apply thanks [...]
diff --git a/libavformat/aacdec.c b/libavformat/aacdec.c index 364b33404f..101e8dbea5 100644 --- a/libavformat/aacdec.c +++ b/libavformat/aacdec.c @@ -139,7 +139,13 @@ static int adts_aac_read_packet(AVFormatContext *s, AVPacket *pkt) return AVERROR_INVALIDDATA; } - return av_append_packet(s->pb, pkt, fsize - ADTS_HEADER_SIZE); + ret = av_append_packet(s->pb, pkt, fsize - ADTS_HEADER_SIZE); + if (ret < 0) { + av_packet_unref(pkt); + return AVERROR_INVALIDDATA; + } + + return ret; } AVInputFormat ff_aac_demuxer = {
Fixes: chromium-773637/clusterfuzz-testcase-minimized-6418078673141760 Found-by: ossfuzz/chromium Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> --- libavformat/aacdec.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-)