Message ID | 20191010224011.5364-2-michael@niedermayer.cc |
---|---|
State | Accepted |
Commit | 2c7975fe6f5c734fce9c59e8418c7f2de15a558d |
lgtm On 10/11/19, Michael Niedermayer <michael@niedermayer.cc> wrote: > Fixes: Timeout (125sec -> 0.4sec) > Fixes: > 18059/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_QDMC_fuzzer-5656195825664000 > > Found-by: continuous fuzzing process > https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> > --- > libavcodec/qdmc.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/libavcodec/qdmc.c b/libavcodec/qdmc.c > index 8bea1552e1..10ceb7aa55 100644 > --- a/libavcodec/qdmc.c > +++ b/libavcodec/qdmc.c > @@ -367,6 +367,8 @@ static int qdmc_get_vlc(GetBitContext *gb, VLC *table, > int flag) > { > int v; > > + if (get_bits_left(gb) < 1) > + return AVERROR_INVALIDDATA; > v = get_vlc2(gb, table->table, table->bits, 1); > if (v < 0) > return AVERROR_INVALIDDATA; > -- > 2.23.0
On Fri, Oct 11, 2019 at 10:54:18AM +0200, Paul B Mahol wrote:
> lgtm
will apply
thx
[...]
diff --git a/libavcodec/qdmc.c b/libavcodec/qdmc.c index 8bea1552e1..10ceb7aa55 100644 --- a/libavcodec/qdmc.c +++ b/libavcodec/qdmc.c @@ -367,6 +367,8 @@ static int qdmc_get_vlc(GetBitContext *gb, VLC *table, int flag) { int v; + if (get_bits_left(gb) < 1) + return AVERROR_INVALIDDATA; v = get_vlc2(gb, table->table, table->bits, 1); if (v < 0) return AVERROR_INVALIDDATA;
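Review bot: the `get_bits_left(gb) < 1` threshold at the top of qdmc_get_vlc() only rejects a reader that is already fully exhausted, and nothing in the hunk says why one bit is enough. With a single bit left, `get_vlc2(gb, table->table, table->bits, 1)` is still called and can match a code longer than what remains, so the truncation is only reported on the following call. That is sufficient to end the decode loop and fits the timeout in the commit message, but a one-line comment stating that the check exists to stop decoding on exhausted input (and that a one-code overshoot is accepted) would help. Alternatively, test `get_bits_left(gb) < 0` after the read to reject the overshooting code itself.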
Fixes: Timeout (125sec -> 0.4sec) Fixes: 18059/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_QDMC_fuzzer-5656195825664000 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> --- libavcodec/qdmc.c | 2 ++ 1 file changed, 2 insertions(+)