| Message ID | 20230213003330.6529-1-michael@niedermayer.cc |
|---|---|
| State | Accepted |
| Commit | cadd7e7a7589b5c118ad1648a09c629a6b65a3be |
| Headers | show |
| Series | [FFmpeg-devel] avcodec/vorbisdec: Check codebook float values to be finite | expand |
| Context | Check | Description |
|---|---|---|
| andriy/make_x86 | success | Make finished |
| andriy/make_fate_x86 | success | Make fate finished |
On Mon, Feb 13, 2023 at 01:33:30AM +0100, Michael Niedermayer wrote: > Fixes: Timeout > Fixes: 55116/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VORBIS_fuzzer-4572159970508800 > > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> > --- > libavcodec/vorbisdec.c | 4 ++++ > 1 file changed, 4 insertions(+) will apply [...]
diff --git a/libavcodec/vorbisdec.c b/libavcodec/vorbisdec.c index dd856a6dfe..93bea12f1d 100644 --- a/libavcodec/vorbisdec.c +++ b/libavcodec/vorbisdec.c @@ -368,6 +368,10 @@ static int vorbis_parse_setup_hdr_codebooks(vorbis_context *vc) unsigned codebook_value_bits = get_bits(gb, 4) + 1; unsigned codebook_sequence_p = get_bits1(gb); + if (!isfinite(codebook_minimum_value) || !isfinite(codebook_delta_value)) { + ret = AVERROR_INVALIDDATA; + goto error; + } ff_dlog(NULL, " We expect %d numbers for building the codevectors. \n", codebook_lookup_values); ff_dlog(NULL, " delta %f minmum %f \n",
Fixes: Timeout Fixes: 55116/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VORBIS_fuzzer-4572159970508800 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> --- libavcodec/vorbisdec.c | 4 ++++ 1 file changed, 4 insertions(+)