Message ID | 20190822180925.12233-2-michael@niedermayer.cc |
---|---|
State | Accepted |
Commit | c9fcf881e69e34a2acfa2bb7052ca200cab16740 |
Thu 2019-08-22 at 20:09 +0200, Michael Niedermayer wrote:
> Fixes: Timeout (128sec -> 2ms)
> Fixes: 16568/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IDCIN_fuzzer-5675004095627264
>
> See: [FFmpeg-devel] [PATCH 4/4] tools/target_dec_fuzzer: Adjust max_pixels for IDCIN
>
> Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
> ---
> libavcodec/idcinvideo.c | 6 ++++++
> 1 file changed, 6 insertions(+)
>
> diff --git a/libavcodec/idcinvideo.c b/libavcodec/idcinvideo.c > index cff9ad31ac..6b2d8087ae 100644 > --- a/libavcodec/idcinvideo.c > +++ b/libavcodec/idcinvideo.c > @@ -243,6 +243,11 @@ static int idcin_decode_frame(AVCodecContext *avctx, > return buf_size; > } > > +static const AVCodecDefault idcin_defaults[] = { > + { "max_pixels", "320*240" }, > + { NULL }, > +};

Should be OK since we don't know of any samples larger than this. If we want to be *really* strict we could limit it to 320x240 only

/Tomas
Thu 2019-08-22 at 23:00 +0200, Tomas Härdin wrote:
> Thu 2019-08-22 at 20:09 +0200, Michael Niedermayer wrote:
> > Fixes: Timeout (128sec -> 2ms)
> > Fixes: 16568/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IDCIN_fuzzer-5675004095627264
> >
> > See: [FFmpeg-devel] [PATCH 4/4] tools/target_dec_fuzzer: Adjust max_pixels for IDCIN
> >
> > Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
> > ---
> > libavcodec/idcinvideo.c | 6 ++++++
> > 1 file changed, 6 insertions(+)
> >
> > diff --git a/libavcodec/idcinvideo.c b/libavcodec/idcinvideo.c > > index cff9ad31ac..6b2d8087ae 100644 > > --- a/libavcodec/idcinvideo.c > > +++ b/libavcodec/idcinvideo.c > > @@ -243,6 +243,11 @@ static int idcin_decode_frame(AVCodecContext *avctx, > > return buf_size; > > } > > > > +static const AVCodecDefault idcin_defaults[] = { > > + { "max_pixels", "320*240" }, > > + { NULL }, > > +};
>
> Should be OK since we don't know of any samples larger than this. If we
> want to be *really* strict we could limit it to 320x240 only

I forgot to add: we should have a corresponding limit in libavformat/idcin.c, preferably using the same option if possible

/Tomas
On Thu, Aug 22, 2019 at 11:00:58PM +0200, Tomas Härdin wrote:
> Thu 2019-08-22 at 20:09 +0200, Michael Niedermayer wrote:
> > Fixes: Timeout (128sec -> 2ms)
> > Fixes: 16568/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IDCIN_fuzzer-5675004095627264
> >
> > See: [FFmpeg-devel] [PATCH 4/4] tools/target_dec_fuzzer: Adjust max_pixels for IDCIN
> >
> > Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
> > ---
> > libavcodec/idcinvideo.c | 6 ++++++
> > 1 file changed, 6 insertions(+)
> >
> > diff --git a/libavcodec/idcinvideo.c b/libavcodec/idcinvideo.c > > index cff9ad31ac..6b2d8087ae 100644 > > --- a/libavcodec/idcinvideo.c > > +++ b/libavcodec/idcinvideo.c > > @@ -243,6 +243,11 @@ static int idcin_decode_frame(AVCodecContext *avctx, > > return buf_size; > > } > > > > +static const AVCodecDefault idcin_defaults[] = { > > + { "max_pixels", "320*240" }, > > + { NULL }, > > +};
>
> Should be OK since we don't know of any samples larger than this. If we
> want to be *really* strict we could limit it to 320x240 only

will apply it together with the dependent patch for the fuzzer

thx

[...]
diff --git a/libavcodec/idcinvideo.c b/libavcodec/idcinvideo.c index cff9ad31ac..6b2d8087ae 100644 --- a/libavcodec/idcinvideo.c +++ b/libavcodec/idcinvideo.c @@ -243,6 +243,11 @@ static int idcin_decode_frame(AVCodecContext *avctx, return buf_size; } +static const AVCodecDefault idcin_defaults[] = { + { "max_pixels", "320*240" }, + { NULL }, +}; + AVCodec ff_idcin_decoder = { .name = "idcinvideo", .long_name = NULL_IF_CONFIG_SMALL("id Quake II CIN video"), @@ -252,4 +257,5 @@ AVCodec ff_idcin_decoder = { .init = idcin_decode_init, .decode = idcin_decode_frame, .capabilities = AV_CODEC_CAP_DR1, + .defaults = idcin_defaults, };
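Review bot: the `{ "max_pixels", "320*240" }` entry in the first hunk has no comment saying where the bound comes from; a one-line comment above `idcin_defaults` (the thread's reasoning is that no known samples are larger) would save the next reader a trip to the list archive. Because the second hunk wires the table in through `.defaults`, this is a default and a caller that sets `max_pixels` explicitly replaces it, so if the timeout must stay fixed regardless of options, an explicit dimension check in `idcin_decode_init` would be the stricter form.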
Fixes: Timeout (128sec -> 2ms)
Fixes: 16568/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IDCIN_fuzzer-5675004095627264

See: [FFmpeg-devel] [PATCH 4/4] tools/target_dec_fuzzer: Adjust max_pixels for IDCIN

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
 libavcodec/idcinvideo.c | 6 ++++++
 1 file changed, 6 insertions(+)