| Message ID | 20201024222312.5806-2-michael@niedermayer.cc |
|---|---|
| State | Accepted |
| Commit | 857aba7c45faf0335ad91ecabc0bce8b94320758 |
| Headers | show |
| Series | [FFmpeg-devel,1/8] tools/target_dem_fuzzer: Limit max blocks | expand |
| Context | Check | Description |
|---|---|---|
| andriy/x86_make | success | Make finished |
| andriy/x86_make_fate | success | Make fate finished |
On Sun, Oct 25, 2020 at 12:23:06AM +0200, Michael Niedermayer wrote: > Fixes: timeout(>20sec -> 1ms) > Fixes: 26526/clusterfuzz-testcase-minimized-ffmpeg_dem_EA_fuzzer-5672328069120000 > > Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> > --- > libavformat/electronicarts.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/libavformat/electronicarts.c b/libavformat/electronicarts.c > index d0f483aaf9..4c292f29a2 100644 > --- a/libavformat/electronicarts.c > +++ b/libavformat/electronicarts.c > @@ -582,6 +582,8 @@ static int ea_read_packet(AVFormatContext *s, AVPacket *pkt) > int av_uninit(num_samples); > > while ((!packet_read && !hit_end) || partial_packet) { > + if (avio_feof(pb)) > + return AVERROR_EOF; > chunk_type = avio_rl32(pb); > chunk_size = ea->big_endian ? avio_rb32(pb) : avio_rl32(pb); > if (chunk_size < 8) > -- > 2.17.1 looks good -- Peter (A907 E02F A6E5 0CD2 34CD 20D2 6760 79C5 AC40 DD6B)
On Sun, Oct 25, 2020 at 12:34:25PM +1100, Peter Ross wrote: > On Sun, Oct 25, 2020 at 12:23:06AM +0200, Michael Niedermayer wrote: > > Fixes: timeout(>20sec -> 1ms) > > Fixes: 26526/clusterfuzz-testcase-minimized-ffmpeg_dem_EA_fuzzer-5672328069120000 > > > > Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg > > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> > > --- > > libavformat/electronicarts.c | 2 ++ > > 1 file changed, 2 insertions(+) > > > > diff --git a/libavformat/electronicarts.c b/libavformat/electronicarts.c > > index d0f483aaf9..4c292f29a2 100644 > > --- a/libavformat/electronicarts.c > > +++ b/libavformat/electronicarts.c > > @@ -582,6 +582,8 @@ static int ea_read_packet(AVFormatContext *s, AVPacket *pkt) > > int av_uninit(num_samples); > > > > while ((!packet_read && !hit_end) || partial_packet) { > > + if (avio_feof(pb)) > > + return AVERROR_EOF; > > chunk_type = avio_rl32(pb); > > chunk_size = ea->big_endian ? avio_rb32(pb) : avio_rl32(pb); > > if (chunk_size < 8) > > -- > > 2.17.1 > > looks good will apply thx [...]
diff --git a/libavformat/electronicarts.c b/libavformat/electronicarts.c index d0f483aaf9..4c292f29a2 100644 --- a/libavformat/electronicarts.c +++ b/libavformat/electronicarts.c @@ -582,6 +582,8 @@ static int ea_read_packet(AVFormatContext *s, AVPacket *pkt) int av_uninit(num_samples); while ((!packet_read && !hit_end) || partial_packet) { + if (avio_feof(pb)) + return AVERROR_EOF; chunk_type = avio_rl32(pb); chunk_size = ea->big_endian ? avio_rb32(pb) : avio_rl32(pb); if (chunk_size < 8)
Fixes: timeout(>20sec -> 1ms) Fixes: 26526/clusterfuzz-testcase-minimized-ffmpeg_dem_EA_fuzzer-5672328069120000 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> --- libavformat/electronicarts.c | 2 ++ 1 file changed, 2 insertions(+)