| Message ID | 20220703003152.17850-4-michael@niedermayer.cc |
|---|---|
| State | Accepted |
| Commit | cd847f86d31f87f0f7733ca6ab7a2c022a1398bd |
| Headers | show |
| Series | [FFmpeg-devel,1/6] avcodec/wnv1: Check for width =1 | expand |
| Context | Check | Description |
|---|---|---|
| yinshiyou/make_loongarch64 | success | Make finished |
| yinshiyou/make_fate_loongarch64 | success | Make fate finished |
| andriy/make_x86 | success | Make finished |
| andriy/make_fate_x86 | success | Make fate finished |
lgtm
On Sun, Jul 03, 2022 at 10:15:02AM +0200, Paul B Mahol wrote:
> lgtm
will apply
thx
[...]
diff --git a/libavcodec/qdrw.c b/libavcodec/qdrw.c index 849d4a5cad..ff8f97713d 100644 --- a/libavcodec/qdrw.c +++ b/libavcodec/qdrw.c @@ -368,7 +368,7 @@ static int decode_frame(AVCodecContext *avctx, AVFrame *p, bytestream2_skip(&gbc, 18); colors = bytestream2_get_be16(&gbc); - if (colors < 0 || colors > 256) { + if (colors < 0 || colors > 255) { av_log(avctx, AV_LOG_ERROR, "Error color count - %i(0x%X)\n", colors, colors); return AVERROR_INVALIDDATA;
Fixes: out of array access Fixes: 48429/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_QDRAW_fuzzer-4608329791438848 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> --- libavcodec/qdrw.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)