apps/ffmpeg-rockchip
1
0
Fork 0
mirror of https://github.com/nyanmisaka/ffmpeg-rockchip.git synced 2025-10-31 12:36:41 +08:00
Code Issues Packages Projects Releases Wiki Activity

avcodec/rasc: Check input size in decode_fint()

Browse Source 
Fixes: Timeout (11sec -> 42ms)
Fixes: 18287/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RASC_fuzzer-5637866331308032

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This commit is contained in:
Michael Niedermayer
2019-10-17 23:57:26 +02:00
parent df498cf544
commit 17603094d5
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
libavcodec/rasc.c
View File

@@ -124,6 +124,8 @@ static int decode_fint(AVCodecContext *avctx,
clear_plane(avctx, s->frame1); clear_plane(avctx, s->frame1);
return 0; return 0;
} }
if (bytestream2_get_bytes_left(gb) < 72)
return AVERROR_INVALIDDATA;
bytestream2_skip(gb, 8); bytestream2_skip(gb, 8);
w = bytestream2_get_le32(gb); w = bytestream2_get_le32(gb);