Message ID | 20220712184322.22814-2-michael@niedermayer.cc |
---|---|
State | Accepted |
Commit | b5de084aa63b79586bc445e6a7fea837688b3941 |
Headers | show |
Series | [FFmpeg-devel,1/3] avcodec/lagarith: Check dst/src in zero run code | expand |
Context | Check | Description |
---|---|---|
yinshiyou/make_loongarch64 | success | Make finished |
yinshiyou/make_fate_loongarch64 | success | Make fate finished |
andriy/make_x86 | success | Make finished |
andriy/make_fate_x86 | success | Make fate finished |
On Tue, Jul 12, 2022 at 08:43:21PM +0200, Michael Niedermayer wrote: > Fixes; Timeout > Fixes: 48794/clusterfuzz-testcase-minimized-ffmpeg_dem_NUT_fuzzer-6524604713140224 > > Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> > --- > libavformat/nutdec.c | 2 ++ > 1 file changed, 2 insertions(+) will apply [...]
diff --git a/libavformat/nutdec.c b/libavformat/nutdec.c index 0db3d03f6c..8cc56615ad 100644 --- a/libavformat/nutdec.c +++ b/libavformat/nutdec.c @@ -200,6 +200,8 @@ static int decode_main_header(NUTContext *nut) int tmp_stream, tmp_mul, tmp_pts, tmp_size, tmp_res, tmp_head_idx; length = get_packetheader(nut, bc, 1, MAIN_STARTCODE); + if (length == (uint64_t)-1) + return AVERROR_INVALIDDATA; end = length + avio_tell(bc); nut->version = ffio_read_varlen(bc);
Fixes; Timeout Fixes: 48794/clusterfuzz-testcase-minimized-ffmpeg_dem_NUT_fuzzer-6524604713140224 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> --- libavformat/nutdec.c | 2 ++ 1 file changed, 2 insertions(+)