diff mbox series

[FFmpeg-devel,6/6] avformat/rka: Fix division by 0 for bps < 8

Message ID 20230409142627.19820-6-michael@niedermayer.cc
State New
Headers show
Series [FFmpeg-devel,1/6] avcodec/huffyuvdec: Fix undefined behavior with shift | expand

Checks

Context Check Description
andriy/make_x86 success Make finished
andriy/make_fate_x86 success Make fate finished

Commit Message

Michael Niedermayer April 9, 2023, 2:26 p.m. UTC 
Fixes: division by zero
Fixes: 57828/clusterfuzz-testcase-minimized-ffmpeg_dem_RKA_fuzzer-6571818338353152

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
 libavformat/rka.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Paul B Mahol April 9, 2023, 7:02 p.m. UTC | #1 
NAK, bps < 8  is invalid

On Sun, Apr 9, 2023 at 4:27 PM Michael Niedermayer <michael@niedermayer.cc>
wrote:

> Fixes: division by zero
> Fixes:
> 57828/clusterfuzz-testcase-minimized-ffmpeg_dem_RKA_fuzzer-6571818338353152
>
> Found-by: continuous fuzzing process
> https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> Signed-off-by
> <https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by>:
> Michael Niedermayer <michael@niedermayer.cc>
> ---
>  libavformat/rka.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/libavformat/rka.c b/libavformat/rka.c
> index 39e5b3bce12..c83a17c92cc 100644
> --- a/libavformat/rka.c
> +++ b/libavformat/rka.c
> @@ -100,7 +100,7 @@ static int rka_read_header(AVFormatContext *s)
>                  break;
>          }
>
> -        if ((r = av_add_index_entry(st, framepos, (i * 131072LL) /
> (channels * (bps >> 3)),
> +        if ((r = av_add_index_entry(st, framepos, (i * 131072LL*8) /
> (channels * bps),
>                                      size, 0, AVINDEX_KEYFRAME)) < 0)
>              return r;
>          framepos += size;
> --
> 2.17.1
>
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel@ffmpeg.org
> https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>
> To unsubscribe, visit link above, or email
> ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
>
diff mbox series

Patch

diff --git a/libavformat/rka.c b/libavformat/rka.c
index 39e5b3bce12..c83a17c92cc 100644
--- a/libavformat/rka.c
+++ b/libavformat/rka.c
@@ -100,7 +100,7 @@  static int rka_read_header(AVFormatContext *s)
                 break;
         }
 
-        if ((r = av_add_index_entry(st, framepos, (i * 131072LL) / (channels * (bps >> 3)),
+        if ((r = av_add_index_entry(st, framepos, (i * 131072LL*8) / (channels * bps),
                                     size, 0, AVINDEX_KEYFRAME)) < 0)
             return r;
         framepos += size;