Message ID | 20211010213954.12708-2-michael@niedermayer.cc |
---|---|
State | Accepted |
Commit | 1902a60ddab82b0c8e8e52c6d2c329eb4628a7d9 |
Series | [FFmpeg-devel,1/2] avcodec/utils: Ensure 8x8 alignment for ARGO in avcodec_align_dimensions2() | expand |
Context | Check | Description |
---|---|---|
andriy/make_x86 | success | Make finished |
andriy/make_fate_x86 | success | Make fate finished |
andriy/make_ppc | success | Make finished |
andriy/make_fate_ppc | success | Make fate finished |
On Sun, Oct 10, 2021 at 11:39:54PM +0200, Michael Niedermayer wrote: > Fixes: OOM > Fixes: 39798/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_GEM_fuzzer-5611636853964800 > > Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> > --- > libavcodec/gemdec.c | 8 ++++++-- > 1 file changed, 6 insertions(+), 2 deletions(-) > > diff --git a/libavcodec/gemdec.c b/libavcodec/gemdec.c > index bf0927b7638..2464dda8a7e 100644 > --- a/libavcodec/gemdec.c > +++ b/libavcodec/gemdec.c > @@ -101,6 +101,7 @@ static int gem_decode_frame(AVCodecContext *avctx, > int row_width, pixel_size; > State state = {.y = 0, .pl = 0, .x = 0, .vdup = 1}; > void (*put_lines)(AVCodecContext *avctx, int planes, int row_width, int pixel_size, State * state, uint8_t * row, AVFrame *p); > + int width, height; > > if (buf_size <= 16) > return AVERROR_INVALIDDATA; > @@ -114,8 +115,11 @@ static int gem_decode_frame(AVCodecContext *avctx, > pattern_size = bytestream2_get_be16(&gb); > avctx->sample_aspect_ratio.num = bytestream2_get_be16(&gb); > avctx->sample_aspect_ratio.den = bytestream2_get_be16(&gb); > - avctx->width = bytestream2_get_be16(&gb); > - avctx->height = bytestream2_get_be16(&gb); > + width = bytestream2_get_be16(&gb); > + height = bytestream2_get_be16(&gb); > + ret = ff_set_dimensions(avctx, width, height); > + if (ret < 0) > + return ret; > > row_width = (avctx->width + 7) / 8; > put_lines = put_lines_bits; looks good. please apply. -- Peter (A907 E02F A6E5 0CD2 34CD 20D2 6760 79C5 AC40 DD6B)
On Mon, Oct 11, 2021 at 08:18:25PM +1100, Peter Ross wrote: > On Sun, Oct 10, 2021 at 11:39:54PM +0200, Michael Niedermayer wrote: > > Fixes: OOM > > Fixes: 39798/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_GEM_fuzzer-5611636853964800 > > > > Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg > > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> > > --- > > libavcodec/gemdec.c | 8 ++++++-- > > 1 file changed, 6 insertions(+), 2 deletions(-) > > > > diff --git a/libavcodec/gemdec.c b/libavcodec/gemdec.c > > index bf0927b7638..2464dda8a7e 100644 > > --- a/libavcodec/gemdec.c > > +++ b/libavcodec/gemdec.c > > @@ -101,6 +101,7 @@ static int gem_decode_frame(AVCodecContext *avctx, > > int row_width, pixel_size; > > State state = {.y = 0, .pl = 0, .x = 0, .vdup = 1}; > > void (*put_lines)(AVCodecContext *avctx, int planes, int row_width, int pixel_size, State * state, uint8_t * row, AVFrame *p); > > + int width, height; > > > > if (buf_size <= 16) > > return AVERROR_INVALIDDATA; > > @@ -114,8 +115,11 @@ static int gem_decode_frame(AVCodecContext *avctx, > > pattern_size = bytestream2_get_be16(&gb); > > avctx->sample_aspect_ratio.num = bytestream2_get_be16(&gb); > > avctx->sample_aspect_ratio.den = bytestream2_get_be16(&gb); > > - avctx->width = bytestream2_get_be16(&gb); > > - avctx->height = bytestream2_get_be16(&gb); > > + width = bytestream2_get_be16(&gb); > > + height = bytestream2_get_be16(&gb); > > + ret = ff_set_dimensions(avctx, width, height); > > + if (ret < 0) > > + return ret; > > > > row_width = (avctx->width + 7) / 8; > > put_lines = put_lines_bits; > > looks good. please apply. will apply thx [...]
diff --git a/libavcodec/gemdec.c b/libavcodec/gemdec.c
index bf0927b7638..2464dda8a7e 100644
--- a/libavcodec/gemdec.c
+++ b/libavcodec/gemdec.c
@@ -101,6 +101,7 @@ static int gem_decode_frame(AVCodecContext *avctx,
 int row_width, pixel_size;
 State state = {.y = 0, .pl = 0, .x = 0, .vdup = 1};
 void (*put_lines)(AVCodecContext *avctx, int planes, int row_width, int pixel_size, State * state, uint8_t * row, AVFrame *p);
+ int width, height;

 if (buf_size <= 16)
 return AVERROR_INVALIDDATA;
@@ -114,8 +115,11 @@ static int gem_decode_frame(AVCodecContext *avctx,
 pattern_size = bytestream2_get_be16(&gb);
 avctx->sample_aspect_ratio.num = bytestream2_get_be16(&gb);
 avctx->sample_aspect_ratio.den = bytestream2_get_be16(&gb);
- avctx->width = bytestream2_get_be16(&gb);
- avctx->height = bytestream2_get_be16(&gb);
+ width = bytestream2_get_be16(&gb);
+ height = bytestream2_get_be16(&gb);
+ ret = ff_set_dimensions(avctx, width, height);
+ if (ret < 0)
+ return ret;

 row_width = (avctx->width + 7) / 8;
 put_lines = put_lines_bits;
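Review bot: The two context lines directly above the new `ff_set_dimensions()` call in the second hunk still store `sample_aspect_ratio.num` and `.den` straight from the bitstream into `avctx`, so the header's dimensions are now validated but its aspect ratio is not (a zero denominator from a malformed header would presumably reach whatever consumes `avctx->sample_aspect_ratio`). Consider reading both values into a local `AVRational sar` and calling `ff_set_sar(avctx, sar);` once the dimensions have been accepted, mirroring what the patch does for width and height. A short comment on the new call, e.g. `/* reject header dimensions outside the context limits before anything is allocated */`, would also record why the direct assignment was replaced. `gem_decode_frame()` begins and ends outside both hunks, so the declaration of `ret` and the later frame allocation are not visible here.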
Fixes: OOM Fixes: 39798/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_GEM_fuzzer-5611636853964800 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> --- libavcodec/gemdec.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-)