From patchwork Sat Jul 22 23:46:20 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Michael Niedermayer <michael@niedermayer.cc>
X-Patchwork-Id: 42918
Delivered-To: ffmpegpatchwork2@gmail.com
Received: by 2002:a05:6a20:be1d:b0:130:ccc6:6c4b with SMTP id
 ge29csp1106824pzb;
        Sat, 22 Jul 2023 16:46:34 -0700 (PDT)
X-Google-Smtp-Source: 
 APBJJlGaYkrtvRpmyFPPLt/61Y700OaNhnAjdCkE+es9pyLpFI+tFfGwUBCQKp5Nrpc4FNv+y+cw
X-Received: by 2002:aa7:cb4e:0:b0:522:289d:8dcd with SMTP id
 w14-20020aa7cb4e000000b00522289d8dcdmr101411edt.35.1690069593984;
        Sat, 22 Jul 2023 16:46:33 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1690069593; cv=none;
        d=google.com; s=arc-20160816;
        b=mESlpusNxhBJ2igGCJ3UPYEigtggW02SKJlk5pbOvhfXg17rBrr77Ao4Ax8gdGSXgJ
         J3sheUSD6f3SBT0oiVoDGwZYGBIjQj/o/xvJNIkdMUxnX4lGRCkvqgSY3hWohiGZ2S6g
         NgEuHwBVilw1GXHs4eFrswOX8/qjeekM+FIostWv5AhlJCDKBUREXDKQ4KxsNFL1k+uN
         JthRGMjddlTGH0iEACco9P5yVqCClErcoAMO1ahvqi1wckDs2cdDgcf3b7bS46+lO4si
         f3emIxEImnUZDYdMMv0ygFiBvPpLRfkTbQJn6GMnGFEXlt0MRMQ4eqQXxbyiVTu7zIXU
         9uDg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=sender:errors-to:content-transfer-encoding:mime-version:reply-to
         :list-subscribe:list-help:list-post:list-archive:list-unsubscribe
         :list-id:precedence:subject:message-id:date:to:from:delivered-to;
        bh=SYrJnsE3P7C4+BAl70T9MxT72fs8ZN0F7lCUC5nyvMU=;
        fh=YYwLYmpaV0Fpw/rxmSKNRLS2XzDkAlGbHATiKOPtZrY=;
        b=q+G/9rXE5qXQLWQK79T9XsQSMqc9Yu14LoQLVAsK4zh6vOHK/Ecp8fTYoEZJsSEA7b
         2ko/4dsg9sgr37wIIwgA6+fqY3VOgy3bpSsnF0VMd1Qbci0NWE3mOtAjQngi1CIiIq/a
         xhy7Iw5y+jVIPSxHAdI7rwlu9HtT/yk741UyrjR3GKxv/g7OD28kZm7wcstOyWdB+GTc
         CnAWLS1udg8mKUbT1gV+KFiRJ8Ji7TBRdB4QyU7IoN3BkztpzwGILto455a/Y0LH6BY5
         RUUkpGYWc3hN6MjUtscS0+dWCjFDU/BL0fgHPXC/raPxossb6aguzMK/uSHqaVKldoII
         UH9w==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org
 designates 79.124.17.100 as permitted sender)
 smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org
Return-Path: <ffmpeg-devel-bounces@ffmpeg.org>
Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100])
        by mx.google.com with ESMTP id
 k3-20020a05640212c300b0051e193964f6si4465468edx.298.2023.07.22.16.46.33;
        Sat, 22 Jul 2023 16:46:33 -0700 (PDT)
Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org
 designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org
 designates 79.124.17.100 as permitted sender)
 smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org
Received: from [127.0.1.1] (localhost [127.0.0.1])
	by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id AEBBF68C683;
	Sun, 23 Jul 2023 02:46:29 +0300 (EEST)
X-Original-To: ffmpeg-devel@ffmpeg.org
Delivered-To: ffmpeg-devel@ffmpeg.org
Received: from relay2-d.mail.gandi.net (relay2-d.mail.gandi.net
 [217.70.183.194])
 by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id AC56268C55F
 for <ffmpeg-devel@ffmpeg.org>; Sun, 23 Jul 2023 02:46:22 +0300 (EEST)
Received: by mail.gandi.net (Postfix) with ESMTPSA id 0DA8F40002
 for <ffmpeg-devel@ffmpeg.org>; Sat, 22 Jul 2023 23:46:21 +0000 (UTC)
From: Michael Niedermayer <michael@niedermayer.cc>
To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Date: Sun, 23 Jul 2023 01:46:20 +0200
Message-Id: <20230722234621.28731-1-michael@niedermayer.cc>
X-Mailer: git-send-email 2.17.1
X-GND-Sasl: michael@niedermayer.cc
Subject: [FFmpeg-devel] [PATCH 1/2] avformat/avr: Check sample rate
X-BeenThere: ffmpeg-devel@ffmpeg.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: FFmpeg development discussions and patches <ffmpeg-devel.ffmpeg.org>
List-Unsubscribe: <https://ffmpeg.org/mailman/options/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=unsubscribe>
List-Archive: <https://ffmpeg.org/pipermail/ffmpeg-devel>
List-Post: <mailto:ffmpeg-devel@ffmpeg.org>
List-Help: <mailto:ffmpeg-devel-request@ffmpeg.org?subject=help>
List-Subscribe: <https://ffmpeg.org/mailman/listinfo/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=subscribe>
Reply-To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
MIME-Version: 1.0
Errors-To: ffmpeg-devel-bounces@ffmpeg.org
Sender: "ffmpeg-devel" <ffmpeg-devel-bounces@ffmpeg.org>
X-TUID: a4gBdgygAX/g

Fixes: 54979/clusterfuzz-testcase-minimized-ffmpeg_dem_AVR_fuzzer-6681035461230592
Fixes: Timeout

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
 libavformat/avr.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/libavformat/avr.c b/libavformat/avr.c
index 1cc4d56bfb..3fe8614b25 100644
--- a/libavformat/avr.c
+++ b/libavformat/avr.c
@@ -75,6 +75,9 @@ static int avr_read_header(AVFormatContext *s)
     avio_skip(s->pb, 20);
     avio_skip(s->pb, 64);
 
+    if (st->codecpar->sample_rate == 0)
+        return AVERROR_INVALIDDATA;
+
     st->codecpar->codec_id = ff_get_pcm_codec_id(bps, 0, 1, sign);
     if (st->codecpar->codec_id == AV_CODEC_ID_NONE) {
         avpriv_request_sample(s, "Bps %d and sign %d", bps, sign);

From patchwork Sat Jul 22 23:46:21 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Michael Niedermayer <michael@niedermayer.cc>
X-Patchwork-Id: 42919
Delivered-To: ffmpegpatchwork2@gmail.com
Received: by 2002:a05:6a20:be1d:b0:130:ccc6:6c4b with SMTP id
 ge29csp1106874pzb;
        Sat, 22 Jul 2023 16:46:43 -0700 (PDT)
X-Google-Smtp-Source: 
 APBJJlHPjBPKs4QhweQHXUP1OA91/OA4hgR4tZKV4UD9Y8tkCGI69z1jwu+pve1f1Dto8UTTpahI
X-Received: by 2002:a17:907:2ccb:b0:973:c070:1b5f with SMTP id
 hg11-20020a1709072ccb00b00973c0701b5fmr5554854ejc.44.1690069603712;
        Sat, 22 Jul 2023 16:46:43 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1690069603; cv=none;
        d=google.com; s=arc-20160816;
        b=ZUSaP1rQVaY5/vAKF0iaNSi7x1k2RFdSa6SyL8V48ZyXiuK7kH30wnjUhP/vZS4nDw
         sc3nMqF7Nljn1hwkuP+DGh7a5/QvoHP/gp4YU9fvWUc0lEpjZzF6wx0HDxmSHEW1o6Zh
         46MpqzWzV6teQ9knl+TZN0Z9djUNKVJ/S7jkdbwX93DAzVE9rhd0uRkp2K6rGaCqG7ie
         QZDXHmjkqF/P15+mWx4FPm6n3n3nXi6neWrVIRwntlbXFx1UZu3CfvoSCaDbl0n7qV0y
         eTrAnkxpUdcRnRm7KmjcrQnGOQhuQDL5XCIBY7vP1G87qaD3CdqCb11h2hEwA1fzGWgk
         IWrw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=sender:errors-to:content-transfer-encoding:mime-version:reply-to
         :list-subscribe:list-help:list-post:list-archive:list-unsubscribe
         :list-id:precedence:subject:references:in-reply-to:message-id:date
         :to:from:delivered-to;
        bh=F9dzTdRXewwUUuh3RrlfdyZSd8207ddJf2vqY0S4rV0=;
        fh=YYwLYmpaV0Fpw/rxmSKNRLS2XzDkAlGbHATiKOPtZrY=;
        b=BcqzhsKYiSbK4V8JrtiPDtgIWyR3uz6Bniop3g4KgrHa5bY3wbRalfex5FxZ65Qvdk
         2s8nQPRPXvgr/IMt36SZ6KrdhSw+tIkbj9G18xI4Cuu3RLXR/vROag5CWUUC4RCmQFTl
         +AswOhRJip73os59o+hBC+FE045qBMZWOPrJiu/uMXTX5x4wVU3rBxZL3Av4YDVwoDx8
         0Bwq3cgWc/RaUXMHTHtn0e34+87Z8VFKj/r6LRK2mpJRTTXH/SwnLWgybkjCd9YArWFR
         PbzpAVGra4keLgKqa/Ts/sXp59gWBZ5tmVvT1dNQQ/N2dvKb8Rt6aTk0d8hqsDoex61S
         M5gw==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org
 designates 79.124.17.100 as permitted sender)
 smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org
Return-Path: <ffmpeg-devel-bounces@ffmpeg.org>
Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100])
        by mx.google.com with ESMTP id
 k10-20020a170906578a00b00982bd2c070fsi4233150ejq.469.2023.07.22.16.46.43;
        Sat, 22 Jul 2023 16:46:43 -0700 (PDT)
Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org
 designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org
 designates 79.124.17.100 as permitted sender)
 smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org
Received: from [127.0.1.1] (localhost [127.0.0.1])
	by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id C7FE968C68E;
	Sun, 23 Jul 2023 02:46:30 +0300 (EEST)
X-Original-To: ffmpeg-devel@ffmpeg.org
Delivered-To: ffmpeg-devel@ffmpeg.org
Received: from relay5-d.mail.gandi.net (relay5-d.mail.gandi.net
 [217.70.183.197])
 by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 2331768C59B
 for <ffmpeg-devel@ffmpeg.org>; Sun, 23 Jul 2023 02:46:24 +0300 (EEST)
Received: by mail.gandi.net (Postfix) with ESMTPSA id 7A1A61C0002
 for <ffmpeg-devel@ffmpeg.org>; Sat, 22 Jul 2023 23:46:23 +0000 (UTC)
From: Michael Niedermayer <michael@niedermayer.cc>
To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Date: Sun, 23 Jul 2023 01:46:21 +0200
Message-Id: <20230722234621.28731-2-michael@niedermayer.cc>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20230722234621.28731-1-michael@niedermayer.cc>
References: <20230722234621.28731-1-michael@niedermayer.cc>
X-GND-Sasl: michael@niedermayer.cc
Subject: [FFmpeg-devel] [PATCH 2/2] tools/target_dec_fuzzer: Adjust
 threshold for jpeg2000
X-BeenThere: ffmpeg-devel@ffmpeg.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: FFmpeg development discussions and patches <ffmpeg-devel.ffmpeg.org>
List-Unsubscribe: <https://ffmpeg.org/mailman/options/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=unsubscribe>
List-Archive: <https://ffmpeg.org/pipermail/ffmpeg-devel>
List-Post: <mailto:ffmpeg-devel@ffmpeg.org>
List-Help: <mailto:ffmpeg-devel-request@ffmpeg.org?subject=help>
List-Subscribe: <https://ffmpeg.org/mailman/listinfo/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=subscribe>
Reply-To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
MIME-Version: 1.0
Errors-To: ffmpeg-devel-bounces@ffmpeg.org
Sender: "ffmpeg-devel" <ffmpeg-devel-bounces@ffmpeg.org>
X-TUID: o8ldPTyqLwU8

Fixes: Timeout
Fixes: 57385/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEG2000_fuzzer-5394334324490240

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
 tools/target_dec_fuzzer.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tools/target_dec_fuzzer.c b/tools/target_dec_fuzzer.c
index 165951dc9d..10c380ef1c 100644
--- a/tools/target_dec_fuzzer.c
+++ b/tools/target_dec_fuzzer.c
@@ -247,7 +247,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
     case AV_CODEC_ID_IFF_ILBM:    maxpixels  /= 128;   break;
     case AV_CODEC_ID_INDEO4:      maxpixels  /= 128;   break;
     case AV_CODEC_ID_INTERPLAY_ACM: maxsamples /= 16384;  break;
-    case AV_CODEC_ID_JPEG2000:    maxpixels  /= 4096;  break;
+    case AV_CODEC_ID_JPEG2000:    maxpixels  /= 16384; break;
     case AV_CODEC_ID_LAGARITH:    maxpixels  /= 1024;  break;
     case AV_CODEC_ID_LOCO:        maxpixels  /= 1024;  break;
     case AV_CODEC_ID_VORBIS:      maxsamples /= 1024;  break;