[FFmpeg-devel] [PATCH 1/2] indeo4: Decode all or nothing of a band header.

Michael Niedermayer michael at niedermayer.cc
Sat May 26 01:54:16 EEST 2018


On Thu, May 17, 2018 at 02:38:57PM +0200, Michael Niedermayer wrote:
> This avoids inconsistent value combinations.
> Alternatively it would be possible to add more checks and careful use of
> temporary variables, but my try of this quickly seemed to become
> a rather large change.
> The disadvantage of this, is that the struct is copied back and forth.
> 
> Fixes: index 6 out of bounds for type 'const uint16_t [5][16]'
> Fixes: 6557/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_INDEO4_fuzzer-4787296550256640
> 
> Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> ---
>  libavcodec/indeo4.c | 11 ++++++++---
>  1 file changed, 8 insertions(+), 3 deletions(-)

will apply patchset

[...]
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

The educated differ from the uneducated as much as the living from the
dead. -- Aristotle 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: not available
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20180526/64c93705/attachment.sig>


More information about the ffmpeg-devel mailing list