From patchwork Mon Sep 18 22:35:30 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Niedermayer X-Patchwork-Id: 43767 Delivered-To: ffmpegpatchwork2@gmail.com Received: by 2002:a05:6a20:a886:b0:149:dfde:5c0a with SMTP id ca6csp136019pzb; Mon, 18 Sep 2023 15:35:47 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFo4uAilTl7gLdz1B9ckLp41Tip+bQIZF7kbP3IeuiEBSI8/qfLqGF1oLEkpYJSLb7Gcz4S X-Received: by 2002:a17:907:b16:b0:9ad:b4b2:53c9 with SMTP id h22-20020a1709070b1600b009adb4b253c9mr8360363ejl.29.1695076546996; Mon, 18 Sep 2023 15:35:46 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1695076546; cv=none; d=google.com; s=arc-20160816; b=qQvabtfTlb6x0pAfPGwrOsVW8wUJrdQpUAD+LzseANbsxTj8S+/GAMDDBVX7K/aD46 oYeOQD+CkWjFUguluLTP8h1X4CSPjSvntA3/NfyxQu18UFgnvMsG/j5wrEkZfX+LBHSR CJre8kRuX45KAOZC4i8VFmG3mxsL8QYYwQSEf6UBGcmbzK2D50o6UOlEj8qb9sHc2i9g Ct0ia8TXN1NSPeQ37B9iNcN66egzS1OdvTWHQEl3iJHJcYQ7HcK/LFsRFFOxjD2UcXvZ RO08tJ4pXH3YWIp9q41t6omyWGy3SOtM5/HC01M+ihW5dJf9eJ7Spvy8lCv3dtS5qRuA a7Mg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:reply-to :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:message-id:date:to:from:delivered-to; bh=LN2LAUqJ7vpo6bJut1u+05jNHscNEdM8xU3ePr5/ot8=; fh=e5zN9xSzcxLA6bGo3lF+CqTbY/oLwzApV03EO/RBfgQ=; b=qFtuTWzMuqXgJ0YrLJP2/9W8I/mhZfoXrXmNqT25VlRByGN2Kwg+ZCD4orLaGPnBG1 mA2dTXxiHDSiQTG3hETGMc6u4C5DvuLMeW4FdE8ihjR/y3agYH4IiFd8OrjwXgpIWPiO IFgql/rfnHKqKmi7T6mUJP2+uEKd+O0T/5g8CVusRaM32KFQbyCcK2KFvcQiJzPNTfCj YMNqUI3tAp/bmFitvCk7HZd/R0VXWDAKkhYz1a/3yVSM73Iku7todJyo8wyNCuwM9CZy SNERZ2DOfCMIs+1Ms9HSJ/91ZhA8iaTkRcnfMTAN2jev7srLp4Zy0BINC+nR/pXFkTyI N6EQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id y16-20020a170906559000b009a586694dabsi8993010ejp.950.2023.09.18.15.35.45; Mon, 18 Sep 2023 15:35:46 -0700 (PDT) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 92B8C68C751; Tue, 19 Sep 2023 01:35:42 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from relay5-d.mail.gandi.net (relay5-d.mail.gandi.net [217.70.183.197]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 59CCE68C633 for ; Tue, 19 Sep 2023 01:35:36 +0300 (EEST) Received: by mail.gandi.net (Postfix) with ESMTPSA id 626C81C0009 for ; Mon, 18 Sep 2023 22:35:35 +0000 (UTC) From: Michael Niedermayer To: FFmpeg development discussions and patches Date: Tue, 19 Sep 2023 00:35:30 +0200 Message-Id: <20230918223534.23567-1-michael@niedermayer.cc> X-Mailer: git-send-email 2.17.1 X-GND-Sasl: michael@niedermayer.cc Subject: [FFmpeg-devel] [PATCH 1/5] tools/target_dec_fuzzer: Adjust wmapro threshold X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches MIME-Version: 1.0 Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" X-TUID: 8Fh372m1Oucy Fixes: Timeout Fixes: 62266/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMAPRO_fuzzer-5125460729921536 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer --- tools/target_dec_fuzzer.c | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/target_dec_fuzzer.c b/tools/target_dec_fuzzer.c index c3f88ef49f6..b26fcb4b416 100644 --- a/tools/target_dec_fuzzer.c +++ b/tools/target_dec_fuzzer.c @@ -308,6 +308,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { case AV_CODEC_ID_WMV3: maxpixels /= 1024; break; case AV_CODEC_ID_WS_VQA: maxpixels /= 16384; break; case AV_CODEC_ID_WMALOSSLESS: maxsamples /= 1024; break; + case AV_CODEC_ID_WMAPRO: maxsamples /= 16384; break; case AV_CODEC_ID_YLC: maxpixels /= 1024; break; case AV_CODEC_ID_ZEROCODEC: maxpixels /= 128; break; case AV_CODEC_ID_ZLIB: maxpixels /= 4096; break; From patchwork Mon Sep 18 22:35:31 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Niedermayer X-Patchwork-Id: 43768 Delivered-To: ffmpegpatchwork2@gmail.com Received: by 2002:a05:6a20:a886:b0:149:dfde:5c0a with SMTP id ca6csp136080pzb; Mon, 18 Sep 2023 15:35:57 -0700 (PDT) X-Google-Smtp-Source: AGHT+IGqtQgg7L3I89mpRERsFOHE0sg4sUVUo/GJ9KjKa1hqwqWN+5U+EacYGJJRjvV5zvBVfbyC X-Received: by 2002:aa7:dd51:0:b0:523:4bfa:b450 with SMTP id o17-20020aa7dd51000000b005234bfab450mr8570186edw.27.1695076556984; Mon, 18 Sep 2023 15:35:56 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1695076556; cv=none; d=google.com; s=arc-20160816; b=mVyOZUyR5T6N2LOWrj2EPhXMX1vLqK/2IEDpSWBoGHYvbD8Wd0uCdQzAHPljy9DZ1D Og2LnXz5AgvbgWbUgeKIozEK5ixGRgGMd//zhA9t7FinElLXQAeRnc8fmvaSDPuXdTy+ EQvRaktwgf+lUvPgz2798u26nXaYOg/PZxOzdxpFvwieYCB9GXgqi4P8w8vnn+PGbq2l i/fi1iPtvMelrRDt0wQP7NmBqBAiCLeITiTOUj/CCBKxBmHnwZVtfeXRsPqs8g+wa4Tb PS1eatQ9wB1wZlw4OGhTIIZjl7+644OLrpSdUi4j1OuD3rVmirII0SFnXkjQqZ1K1JCE g5WQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:reply-to :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:references:in-reply-to:message-id:date :to:from:delivered-to; bh=40FvYijq3mCSTGUkjXcV6CV4XVvWFL4YRwXnz0sCDvc=; fh=e5zN9xSzcxLA6bGo3lF+CqTbY/oLwzApV03EO/RBfgQ=; b=FpJuvZFz+5a9Ew//Xc+nOKyEtHDeRk4WPxC4lkje6Obw4nJVdoXB510+2V5LSiZhAe PfQ96r2JnR3vqH/qGDfdc679PLhD08rgC7UacjV+K9SbJc13g+ABS1c1go8Ay6Jl/kVT CP9Q2UGf/ZHWfEIF3HANEsWu3u7SJalN8DiUotEB9mM9NPmXw/z0EgJ0eJ+E+zx53yro CHGF4K6u9z6/xmicVAIqx3UWqna6/TtIG5gxrs/YmT7+nwRr4xaR/oG6j/RldIGeBDes B+mwa2fBrurvKyQh+4Itwnvkt+8H+HDPqhRijhUHp/R200eMAV46/5fF+RVnFr3dbDLW OA3A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id t3-20020aa7d703000000b0052892174844si8750158edq.549.2023.09.18.15.35.56; Mon, 18 Sep 2023 15:35:56 -0700 (PDT) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id F2B0468C88D; Tue, 19 Sep 2023 01:35:45 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from relay4-d.mail.gandi.net (relay4-d.mail.gandi.net [217.70.183.196]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 32E0D68C751 for ; Tue, 19 Sep 2023 01:35:37 +0300 (EEST) Received: by mail.gandi.net (Postfix) with ESMTPSA id 64B6CE0003 for ; Mon, 18 Sep 2023 22:35:36 +0000 (UTC) From: Michael Niedermayer To: FFmpeg development discussions and patches Date: Tue, 19 Sep 2023 00:35:31 +0200 Message-Id: <20230918223534.23567-2-michael@niedermayer.cc> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20230918223534.23567-1-michael@niedermayer.cc> References: <20230918223534.23567-1-michael@niedermayer.cc> X-GND-Sasl: michael@niedermayer.cc Subject: [FFmpeg-devel] [PATCH 2/5] avcodec/apedec: Fix an integer overflow in predictor_update_filter() X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches MIME-Version: 1.0 Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" X-TUID: fw6hDTtiDO9q Fixes: signed integer overflow: -2147483506 + -801380 cannot be represented in type 'int' Fixes: 62164/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-6578985923117056 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer --- libavcodec/apedec.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libavcodec/apedec.c b/libavcodec/apedec.c index 62cb397490d..8bfbb75b41e 100644 --- a/libavcodec/apedec.c +++ b/libavcodec/apedec.c @@ -1220,7 +1220,7 @@ static av_always_inline int predictor_update_filter(APEPredictor64 *p, if (interim_mode < 1) { predictionA = (int32_t)predictionA; predictionB = (int32_t)predictionB; - p->lastA[filter] = decoded + ((int32_t)(predictionA + (predictionB >> 1)) >> 10); + p->lastA[filter] = (int32_t)(decoded + (unsigned)((int32_t)(predictionA + (predictionB >> 1)) >> 10)); } else { p->lastA[filter] = decoded + ((int64_t)((uint64_t)predictionA + (predictionB >> 1)) >> 10); } From patchwork Mon Sep 18 22:35:32 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Niedermayer X-Patchwork-Id: 43769 Delivered-To: ffmpegpatchwork2@gmail.com Received: by 2002:a05:6a20:a886:b0:149:dfde:5c0a with SMTP id ca6csp136142pzb; Mon, 18 Sep 2023 15:36:06 -0700 (PDT) X-Google-Smtp-Source: AGHT+IEWLHwojSBJ2ncGPcyMyJXyC0Yb8UV5uW3rR+DUkH+bBx2lyt5oic+D7+THw0BzDefDuIrg X-Received: by 2002:a05:651c:10c:b0:2bc:d5f1:b9cf with SMTP id a12-20020a05651c010c00b002bcd5f1b9cfmr8374125ljb.27.1695076566189; Mon, 18 Sep 2023 15:36:06 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1695076566; cv=none; d=google.com; s=arc-20160816; b=bYHGrHWAhGucVe+lx6q0IYftKqt1xo2GOnHWnP3z2NhAB/SvPvEd5I5V9Dgy+VlTpT /1rAOZu9AVxSX/9ao/VCf48r/nBuIzrroAOOlYMOR9iSa3l9P7HWHwsvv92FT3Z6TUVz O458KR67B3u8TlHH2D3nwtqgdRt1ESS48H/TW99k7QwRaTPUtlyNA3HGSFKZplQSbd/C 1xuFHyo/sZQmc+hbk3fshKDXWFXqev5S4TRNRpfJpBSSiSjD0osVcalN18tzubz1Gvo8 OCWYIIYDynqnyNyEsnXug9Uo6DB3zcENK3RkE1ctvxsXk/2K6+hiymU39VgQ+qIQNFQo AOiQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:reply-to :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:references:in-reply-to:message-id:date :to:from:delivered-to; bh=GCkcApfPnmqy+4vIlIP3vlFwWJcG2PND3rDsAqdWCO0=; fh=e5zN9xSzcxLA6bGo3lF+CqTbY/oLwzApV03EO/RBfgQ=; b=jyzGNy6SPnTZQieVcGoFx9dDLu++Pb0LjidX9esZtSReYZ039HQEEdB/J3+qHonX9O 4nbmZKDZIKAhDG6uufQB1N+E5qL9yn8YuHkD/mthsS7WSMxBjHPGBy1S2zZLOcyqb53R 692OJ9G1uvq9NDmBCTQG7UEjDSP+pYfGpCVodqanL6T2MTMjh0leDjeYtlZ6y8TyhB+r 0eq9TZxyfKLA7NuMhG5wufYap6io4KcYMr8FRsPBZyGk68L2SG3P6gUOjIO405btaAWh UQKfpR98groZdByKsAASmH+mowZv9K21pB02sd6wAkSV9gCOeIN7nma8l6o7XAVd9IAm Gixg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id qt26-20020a170906ecfa00b009ad821deffcsi8851331ejb.17.2023.09.18.15.36.04; Mon, 18 Sep 2023 15:36:06 -0700 (PDT) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 1E93668C805; Tue, 19 Sep 2023 01:35:47 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from relay9-d.mail.gandi.net (relay9-d.mail.gandi.net [217.70.183.199]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 3905768C879 for ; Tue, 19 Sep 2023 01:35:38 +0300 (EEST) Received: by mail.gandi.net (Postfix) with ESMTPSA id 5A403FF803 for ; Mon, 18 Sep 2023 22:35:37 +0000 (UTC) From: Michael Niedermayer To: FFmpeg development discussions and patches Date: Tue, 19 Sep 2023 00:35:32 +0200 Message-Id: <20230918223534.23567-3-michael@niedermayer.cc> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20230918223534.23567-1-michael@niedermayer.cc> References: <20230918223534.23567-1-michael@niedermayer.cc> X-GND-Sasl: michael@niedermayer.cc Subject: [FFmpeg-devel] [PATCH 3/5] avcodec/dcadec: Do not explode EAGAIN X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches MIME-Version: 1.0 Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" X-TUID: LlDkpSFCKmWO Fixes: out of array access Fixes: 62164/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DCA_fuzzer-6041088751960064 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer --- libavcodec/dcadec.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libavcodec/dcadec.c b/libavcodec/dcadec.c index 3e3e3053bbe..070a9ae094d 100644 --- a/libavcodec/dcadec.c +++ b/libavcodec/dcadec.c @@ -221,7 +221,7 @@ static int dcadec_decode_frame(AVCodecContext *avctx, AVFrame *frame, && (prev_packet & DCA_PACKET_XLL) && (s->packet & DCA_PACKET_CORE)) s->packet |= DCA_PACKET_XLL | DCA_PACKET_RECOVERY; - else if (ret == AVERROR(ENOMEM) || (avctx->err_recognition & AV_EF_EXPLODE)) + else if (ret == AVERROR(ENOMEM) || (avctx->err_recognition & AV_EF_EXPLODE) && ret != AVERROR(EAGAIN)) return ret; } else { s->packet |= DCA_PACKET_XLL; From patchwork Mon Sep 18 22:35:33 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Niedermayer X-Patchwork-Id: 43770 Delivered-To: ffmpegpatchwork2@gmail.com Received: by 2002:a05:6a20:a886:b0:149:dfde:5c0a with SMTP id ca6csp136202pzb; Mon, 18 Sep 2023 15:36:14 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHKD03FrYwCy/xBC4Yct4EbPgurpyiY5w8ArblEDO+TrCa0UbVVrnu2EpchQoG78OzCJgg2 X-Received: by 2002:a17:906:cc4a:b0:9a2:ecd:d963 with SMTP id mm10-20020a170906cc4a00b009a20ecdd963mr7930576ejb.44.1695076574172; Mon, 18 Sep 2023 15:36:14 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1695076574; cv=none; d=google.com; s=arc-20160816; b=HriLMm4r/Xdv/vcMDI9gipB6o/cUMdraMllEVFygXk80ap/TfQpW1B/xWTZoDlAWh0 16bILuWTvnX8jxJUi4j/CEcLWUlavZI2WXhe40N+hC5hkkYKTd5dz/4TlW2nn+Bd6016 8cQ4obaG9SFEUFhUoJc2e/W5LyLXCQEjFhgQIhraZnRknAdS+4vdxdu9l0IIGyDBT35I LbcWXd0pzjjh5VwyjXuJrnvII/10YAaugcWUvJRHodEdi2FETBCt3Nbn3xXn7mW0kFxc V2VMhbyzuOLTCrlAQjIjhXCBz5jzP67IREov0medES+U8vimnH666DdxNTjI81Y36mg2 cBfg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:reply-to :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:references:in-reply-to:message-id:date :to:from:delivered-to; bh=cQaBnEkjFgChdlegwQ3uN3H62Ouf6lZzuGuKRHeF8Rk=; fh=e5zN9xSzcxLA6bGo3lF+CqTbY/oLwzApV03EO/RBfgQ=; b=xYmgeZAAMTLIObFrM46RRAvfTy+71/rCVvQFMuaK3KtsKfldAaO1IRzInhLQDSECRG duQKSsiGUzuSq1GxBXnzZV3sIFZhslYwFHhWanteOtSXoxR03xw7d1Lftt0RqUlC/LP9 FjUGaMY/f2TvAc+maSt7Bz99XETk7C6rhlMOgV6jUMSGYS6j6B/1p6qKooFDh3yBwhZY QWiYQrSYHcecmmOEZeip2NNROGhWyWvOvbCRvYkkCribbZa03T5efF8xiSuGD/g/Z/Qt 6cljQaG/GFQjOEmSFV1+qV3DdwUgKFtVovTiQ2QB5rwz2jDHYHGexlSjXZK2Q0oLdsS3 HsPA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id c10-20020a170906924a00b0099e09f0a544si8899159ejx.871.2023.09.18.15.36.13; Mon, 18 Sep 2023 15:36:14 -0700 (PDT) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 071BB68C8B0; Tue, 19 Sep 2023 01:35:48 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from relay8-d.mail.gandi.net (relay8-d.mail.gandi.net [217.70.183.201]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 1432468C2FB for ; Tue, 19 Sep 2023 01:35:39 +0300 (EEST) Received: by mail.gandi.net (Postfix) with ESMTPSA id 451D11BF207 for ; Mon, 18 Sep 2023 22:35:38 +0000 (UTC) From: Michael Niedermayer To: FFmpeg development discussions and patches Date: Tue, 19 Sep 2023 00:35:33 +0200 Message-Id: <20230918223534.23567-4-michael@niedermayer.cc> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20230918223534.23567-1-michael@niedermayer.cc> References: <20230918223534.23567-1-michael@niedermayer.cc> X-GND-Sasl: michael@niedermayer.cc Subject: [FFmpeg-devel] [PATCH 4/5] avcodec/escape124: Do not return random numbers X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches MIME-Version: 1.0 Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" X-TUID: LJgFYHLd3XY2 Fixes: out of array access Fixes: 62164/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ESCAPE124_fuzzer-6035022714634240 Fixes: 62164/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ESCAPE124_fuzzer-6422176201572352 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer --- libavcodec/escape124.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libavcodec/escape124.c b/libavcodec/escape124.c index cd62f8d1f04..357320ef94f 100644 --- a/libavcodec/escape124.c +++ b/libavcodec/escape124.c @@ -234,7 +234,7 @@ static int escape124_decode_frame(AVCodecContext *avctx, AVFrame *frame, if ((ret = av_frame_ref(frame, s->frame)) < 0) return ret; - return frame_size; + return 0; } for (i = 0; i < 3; i++) { @@ -367,7 +367,7 @@ static int escape124_decode_frame(AVCodecContext *avctx, AVFrame *frame, *got_frame = 1; - return frame_size; + return 0; } From patchwork Mon Sep 18 22:35:34 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Niedermayer X-Patchwork-Id: 43771 Delivered-To: ffmpegpatchwork2@gmail.com Received: by 2002:a05:6a20:a886:b0:149:dfde:5c0a with SMTP id ca6csp136266pzb; Mon, 18 Sep 2023 15:36:26 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHft1ZPeSJ8iF0C7O2y+HZi2tq77G+f7pS4BY6vdiYAUskiRs1zc5CzehOIOKbXxKVwBks6 X-Received: by 2002:a17:907:a06b:b0:9a5:9f3c:961e with SMTP id ia11-20020a170907a06b00b009a59f3c961emr1326668ejc.18.1695076586215; Mon, 18 Sep 2023 15:36:26 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1695076586; cv=none; d=google.com; s=arc-20160816; b=v/f6kZI13EsJGrZFvW5qXBGwkBqKA8IVAIWpGYk4XCjNd7dem0SggLBdTJz7J4EGQF ZGQetpLrYSOk0KtyYV28pgoDRMFWVoH/iD80uIgcsvR+hu8DSCmykQitz5XMUI+MIzI5 dw8ewgLx2/HcMczGVZwN85UaNdLJocsgrEAPI3xHeZgAyYUBnyn2CxfrZWpY0gfHpzvU THta/MFJpmUTHQEt6mpFQS81czE9+Fz1Himrdo5f2aVWMEVnCaOMHEGSB4CHAjT2T43K Jr5hm8Kqgyy6zSNWnv6lKp3HdE7KBz1te+M6AkT396riXZFbOQ8mRmb4AjZmnPRj7wNX 3ANw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:reply-to :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:references:in-reply-to:message-id:date :to:from:delivered-to; bh=Ew3CCB9mWg3t3WgwrXI8AaaQZkMmQA4JbgiHSCGJPKc=; fh=e5zN9xSzcxLA6bGo3lF+CqTbY/oLwzApV03EO/RBfgQ=; b=FYMnUKUOmNxNcLCc9gmbXEyV4mhGhGKX0VR+SBDxxfKtb1oQWhAS95SusQt/r51yrH y21URq9xf80XGXqkTpkN+Gv5JFLinM8Zi6Zmm+yj5WZStyHE2Dz5OQLg/JxlFrqfxtSN MHJTQfP5pK6ARcJ053hyDX7gOCGJ7A8nPg2j4XLHopOg/qF97G3aysRjwjYWoi5Ttlks /XDa5jlTVWUEtFDQHciYpU/ast1KjQmDOpHIRArEyVFs1VrbO7DtP1GI925+xGuUa9Z9 h3EFyyOP20HYBaC895ycPASnNBR26RGX+Mo2qIqyvCdrWh/Kbp3B/uuIHxytsUAAXbwV x/KA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id y11-20020a170906070b00b009ae0c601a03si2304004ejb.877.2023.09.18.15.36.22; Mon, 18 Sep 2023 15:36:26 -0700 (PDT) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 198D568C8B7; Tue, 19 Sep 2023 01:35:49 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from relay7-d.mail.gandi.net (relay7-d.mail.gandi.net [217.70.183.200]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 266F868C843 for ; Tue, 19 Sep 2023 01:35:40 +0300 (EEST) Received: by mail.gandi.net (Postfix) with ESMTPSA id 5827F20004 for ; Mon, 18 Sep 2023 22:35:39 +0000 (UTC) From: Michael Niedermayer To: FFmpeg development discussions and patches Date: Tue, 19 Sep 2023 00:35:34 +0200 Message-Id: <20230918223534.23567-5-michael@niedermayer.cc> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20230918223534.23567-1-michael@niedermayer.cc> References: <20230918223534.23567-1-michael@niedermayer.cc> X-GND-Sasl: michael@niedermayer.cc Subject: [FFmpeg-devel] [PATCH 5/5] avcodec/decode: EAGAIN is not fully supported in decode_simple_internal() X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches MIME-Version: 1.0 Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" X-TUID: t11OANtw1yDX Signed-off-by: Michael Niedermayer --- libavcodec/decode.c | 1 + 1 file changed, 1 insertion(+) diff --git a/libavcodec/decode.c b/libavcodec/decode.c index 169ee79acd9..376e4a4d373 100644 --- a/libavcodec/decode.c +++ b/libavcodec/decode.c @@ -457,6 +457,7 @@ FF_ENABLE_DEPRECATION_WARNINGS if (ret == AVERROR(EAGAIN)) av_frame_unref(frame); + av_assert0(consumed != AVERROR(EAGAIN)); // code later will add AVERROR(EAGAIN) to a pointer if (consumed < 0) ret = consumed; if (consumed >= 0 && avctx->codec->type == AVMEDIA_TYPE_VIDEO)