Message ID | 20210322205833.14541-5-michael@niedermayer.cc |
---|---|
State | Accepted |
Commit | 87d87e6587deec1fa8ed5f5c6901535becdb0358 |
Series | [FFmpeg-devel,1/6] avcodec/h264_slice: Check input SPS in ff_h264_update_thread_context() |

Context | Check | Description |
---|---|---|
andriy/x86_make | success | Make finished |
andriy/x86_make_fate | success | Make fate finished |
andriy/PPC64_make | success | Make finished |
andriy/PPC64_make_fate | success | Make fate finished |

On Mon, Mar 22, 2021 at 09:58:32PM +0100, Michael Niedermayer wrote:
> Fixes: out of array access
> Fixes: 31201/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG4_fuzzer-4627865612189696.fuzz
>
> Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
> ---
>  libavcodec/mpegvideo.c | 7 +++++++
>  1 file changed, 7 insertions(+)

will apply

[...]
diff --git a/libavcodec/mpegvideo.c b/libavcodec/mpegvideo.c index e336192832..66b4949bb5 100644 --- a/libavcodec/mpegvideo.c +++ b/libavcodec/mpegvideo.c @@ -1085,6 +1085,13 @@ int ff_mpv_common_frame_size_change(MpegEncContext *s) (err = av_image_check_size(s->width, s->height, 0, s->avctx)) < 0) return err; + /* set chroma shifts */ + err = av_pix_fmt_get_chroma_sub_sample(s->avctx->pix_fmt, + &s->chroma_x_shift, + &s->chroma_y_shift); + if (err < 0) + return err; + if ((err = init_context_frame(s))) return err;
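Review bot: the added comment `/* set chroma shifts */` in ff_mpv_common_frame_size_change() only restates the call below it, and nothing in the hunk or the commit message says why s->chroma_x_shift and s->chroma_y_shift must be recomputed from s->avctx->pix_fmt at this point, ahead of init_context_frame(s). Since the fix is for an out of array access, the ordering is the safety-relevant part: please say in the comment what later code relies on the refreshed shifts, so the call is not moved below init_context_frame(s) or dropped as redundant in a later cleanup. The `if (err < 0) return err;` handling is consistent with the av_image_check_size() check directly above.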
Fixes: out of array access
Fixes: 31201/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG4_fuzzer-4627865612189696.fuzz

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
 libavcodec/mpegvideo.c | 7 +++++++
 1 file changed, 7 insertions(+)