From patchwork Sun Sep 11 14:27:17 2022
X-Patchwork-Submitter: Michael Niedermayer
X-Patchwork-Id: 37844
From: Michael Niedermayer
To: FFmpeg development discussions and patches
Date: Sun, 11 Sep 2022 16:27:17 +0200
Message-Id: <20220911142721.30812-1-michael@niedermayer.cc>
Subject: [FFmpeg-devel] [PATCH 1/5] avformat/mxfdec: Avoid some redundant writing to tables in mxf_compute_ptses_fake_index()

Signed-off-by: Michael Niedermayer
--- libavformat/mxfdec.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libavformat/mxfdec.c b/libavformat/mxfdec.c index e63e803aa56..4ceb6cf672f 100644 --- a/libavformat/mxfdec.c +++ b/libavformat/mxfdec.c
@@ -1939,10 +1939,10 @@ static int mxf_compute_ptses_fake_index(MXFContext *mxf, MXFIndexTable *index_ta if (index_table->nb_ptses <= 0) return 0; - if (!(index_table->ptses = av_calloc(index_table->nb_ptses, sizeof(int64_t))) || + if (!(index_table->ptses = av_malloc_array(index_table->nb_ptses, sizeof(int64_t))) || !(index_table->fake_index = av_calloc(index_table->nb_ptses, sizeof(AVIndexEntry))) || !(index_table->offsets = av_calloc(index_table->nb_ptses, sizeof(int8_t))) || - !(flags = av_calloc(index_table->nb_ptses, sizeof(uint8_t)))) { + !(flags = av_malloc_array(index_table->nb_ptses, sizeof(uint8_t)))) { av_freep(&index_table->ptses); av_freep(&index_table->fake_index); av_freep(&index_table->offsets);

From patchwork Sun Sep 11 14:27:18 2022
X-Patchwork-Submitter: Michael Niedermayer
X-Patchwork-Id: 37847
From: Michael Niedermayer
To: FFmpeg development discussions and patches
Date: Sun, 11 Sep 2022 16:27:18 +0200
Message-Id: <20220911142721.30812-2-michael@niedermayer.cc>
In-Reply-To: <20220911142721.30812-1-michael@niedermayer.cc>
References: <20220911142721.30812-1-michael@niedermayer.cc>
Subject: [FFmpeg-devel] [PATCH 2/5] avcodec/wavpack: Fix overflow in k=31

Untested with "non fuzzed" samples as I have no such file

Fixes: shift exponent 32 is too large for 32-bit type 'int'
Fixes: 50930/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WAVPACK_fuzzer-6319201949712384
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer
--- libavcodec/wavpack.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libavcodec/wavpack.c b/libavcodec/wavpack.c index 7aa1f65e17b..b4d19df7ea2 100644 --- a/libavcodec/wavpack.c +++ b/libavcodec/wavpack.c
@@ -126,7 +126,7 @@ static av_always_inline unsigned get_tail(GetBitContext *gb, unsigned k) if (k < 1) return 0; p = av_log2(k); - e = (1 << (p + 1)) - k - 1; + e = (1LL << (p + 1)) - k - 1; res = get_bits_long(gb, p); if (res >= e) res = (res << 1) - e + get_bits1(gb);

From patchwork Sun Sep 11 14:27:19 2022
X-Patchwork-Submitter: Michael Niedermayer
X-Patchwork-Id: 37843
From: Michael Niedermayer
To: FFmpeg development discussions and patches
Date: Sun, 11 Sep 2022 16:27:19 +0200
Message-Id: <20220911142721.30812-3-michael@niedermayer.cc>
In-Reply-To: <20220911142721.30812-1-michael@niedermayer.cc>
References: <20220911142721.30812-1-michael@niedermayer.cc>
Subject: [FFmpeg-devel] [PATCH 3/5] avcodec/wavpack: Check for end of input in wv_unpack_dsd_high()

Fixes: Timeout
Fixes: 50793/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WAVPACK_fuzzer-4980185027444736
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer
--- libavcodec/wavpack.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/libavcodec/wavpack.c b/libavcodec/wavpack.c index b4d19df7ea2..3cb40775506 100644 --- a/libavcodec/wavpack.c +++ b/libavcodec/wavpack.c
@@ -495,6 +495,8 @@ static int wv_unpack_dsd_high(WavpackFrameContext *s, uint8_t *dst_left, uint8_t sp[0].fltr0 = 0; } + if (DSD_BYTE_READY(high, low) && !bytestream2_get_bytes_left(&s->gbyte)) + return AVERROR_INVALIDDATA; while (DSD_BYTE_READY(high, low) && bytestream2_get_bytes_left(&s->gbyte)) { value = (value << 8) | bytestream2_get_byte(&s->gbyte); high = (high << 8) | 0xff; 
@@ -530,6 +532,8 @@ static int wv_unpack_dsd_high(WavpackFrameContext *s, uint8_t *dst_left, uint8_t sp[1].fltr0 = 0; } + if (DSD_BYTE_READY(high, low) && !bytestream2_get_bytes_left(&s->gbyte)) + return AVERROR_INVALIDDATA; while (DSD_BYTE_READY(high, low) && bytestream2_get_bytes_left(&s->gbyte)) { value = (value << 8) | bytestream2_get_byte(&s->gbyte); high = (high << 8) | 0xff;

From patchwork Sun Sep 11 14:27:20 2022
X-Patchwork-Submitter: Michael Niedermayer
X-Patchwork-Id: 37845
From: Michael Niedermayer
To: FFmpeg development discussions and patches
Date: Sun, 11 Sep 2022 16:27:20 +0200
Message-Id: <20220911142721.30812-4-michael@niedermayer.cc>
In-Reply-To: <20220911142721.30812-1-michael@niedermayer.cc>
References: <20220911142721.30812-1-michael@niedermayer.cc>
Subject: [FFmpeg-devel] [PATCH 4/5] avcodec/hdrdec: Update w in inner loop of decompress()

Fixes: out of array access
Fixes: 50936/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HDR_fuzzer-5423041009549312
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer
--- libavcodec/hdrdec.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libavcodec/hdrdec.c b/libavcodec/hdrdec.c index 9b262f2ef2c..7727826e2a5 100644 --- a/libavcodec/hdrdec.c +++ b/libavcodec/hdrdec.c
@@ -70,8 +70,8 @@ static int decompress(uint8_t *scanline, int w, GetByteContext *gb, const uint8_ for (int i = run << rshift; i > 0 && w > 0 && scanline >= start + 4; i--) { memcpy(scanline, scanline - 4, 4); scanline += 4; + w -= 4; } - w -= run << rshift; rshift += 8; if (rshift > 16) break;

From patchwork Sun Sep 11 14:27:21 2022
X-Patchwork-Submitter: Michael Niedermayer
X-Patchwork-Id: 37846
From: Michael Niedermayer
To: FFmpeg development discussions and patches
Date: Sun, 11 Sep 2022 16:27:21 +0200
Message-Id: <20220911142721.30812-5-michael@niedermayer.cc>
In-Reply-To: <20220911142721.30812-1-michael@niedermayer.cc>
References: <20220911142721.30812-1-michael@niedermayer.cc>
Subject: [FFmpeg-devel] [PATCH 5/5] tools/target_dec_fuzzer: Adjust threshold for Jpeg2000

Fixes: Timeout
Fixes: 50955/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEG2000_fuzzer-5148704872464384
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer
--- tools/target_dec_fuzzer.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/target_dec_fuzzer.c b/tools/target_dec_fuzzer.c index 5b335d3130c..3d4521887a2 100644 --- a/tools/target_dec_fuzzer.c +++ b/tools/target_dec_fuzzer.c
@@ -242,7 +242,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { case AV_CODEC_ID_IFF_ILBM: maxpixels /= 128; break; case AV_CODEC_ID_INDEO4: maxpixels /= 128; break; case AV_CODEC_ID_INTERPLAY_ACM: maxsamples /= 16384; break; - case AV_CODEC_ID_JPEG2000: maxpixels /= 16; break; + case AV_CODEC_ID_JPEG2000: maxpixels /= 4096; break; case AV_CODEC_ID_LAGARITH: maxpixels /= 1024; break; case AV_CODEC_ID_LOCO: maxpixels /= 1024; break; case AV_CODEC_ID_VORBIS: maxsamples /= 1024; break;
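
Review bot: [PATCH 1/5] in the @@ -1939 hunk of libavformat/mxfdec.c, ptses and flags move from av_calloc() to av_malloc_array() and are therefore uninitialized after allocation, yet nothing in the visible context shows every one of the nb_ptses entries being written before it is read. The commit message has no body; please name the loop that fills both arrays for all indices, or keep av_calloc() for any array whose coverage depends on the parsed file, since a partially filled ptses or flags becomes a read of uninitialized heap in a demuxer that handles untrusted input.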
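
Review bot: [PATCH 2/5] in get_tail() the declarations of e and res are outside the hunk, so it is not visible whether the line after the fix, `res = (res << 1) - e + get_bits1(gb);`, is safe when p is 31: res then holds up to 31 bits from get_bits_long(gb, p) and is shifted left by one. If res is a signed int, that shift can overflow the same way the original `1 << (p + 1)` did; please confirm both variables are unsigned or widen them in this patch. The message also says the change is untested with non-fuzzed samples, so a note on how the large-k path was checked would help.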
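
Review bot: [PATCH 3/5] the added check in wv_unpack_dsd_high() (same two lines in the @@ -495 and @@ -530 hunks) only fires when the input is already empty on entry to the refill loop; if the bytes run out inside `while (DSD_BYTE_READY(high, low) && bytestream2_get_bytes_left(&s->gbyte))`, the function continues with a partially refilled value. If that is intended, a short comment would help; otherwise a single `if (DSD_BYTE_READY(high, low)) return AVERROR_INVALIDDATA;` placed after the loop covers both cases. The check is also duplicated verbatim for each channel and could live in one helper or macro.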
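
Review bot: [PATCH 4/5] in decompress() the unit of w changes with this hunk: the removed `w -= run << rshift;` took one off w per loop iteration, while the added `w -= 4;` takes four per iteration next to `scanline += 4`. Please state whether w counts pixels or bytes. If it counts pixels, `w--` inside the loop keeps the old accounting and still bounds the copy; if it counts bytes, say so in the commit message, because as written a run now consumes w four times faster and the `w > 0` test ends the copy earlier than the old code would have.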
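
Review bot: [PATCH 5/5] the JPEG2000 divisor goes from 16 to 4096, a 256-fold cut in maxpixels and larger than any neighbouring maxpixels case in the hunk (128, 1024), while the commit message gives only "Fixes: Timeout". Please record why 4096 was chosen and whether the timeout reflects decoder work that scales badly with image size; lowering the fuzzer limit removes that input class from further fuzzing without bounding the work in the decoder itself.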