[FFmpeg-devel] [PATCH 2/3] avcodec/ituh263dec: Use 0xffff as error code in h263p_decode_umotion()

Michael Niedermayer michael at niedermayer.cc
Tue Feb 28 23:07:37 EET 2017


This matches ff_h263_decode_motion() both functions error codes are interpreted by the same common code

Fixes: 690/clusterfuzz-testcase-4744944981901312

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
---
 libavcodec/ituh263dec.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libavcodec/ituh263dec.c b/libavcodec/ituh263dec.c
index e39338870f..edb68861ac 100644
--- a/libavcodec/ituh263dec.c
+++ b/libavcodec/ituh263dec.c
@@ -305,7 +305,7 @@ static int h263p_decode_umotion(MpegEncContext * s, int pred)
       code += get_bits1(&s->gb);
       if (code >= 32768) {
           avpriv_request_sample(s->avctx, "Huge DMV");
-          return AVERROR_INVALIDDATA;
+          return 0xffff;
       }
    }
    sign = code & 1;
-- 
2.11.0



More information about the ffmpeg-devel mailing list