[FFmpeg-devel] [PATCH 5/7] avformat/mxfdec: Check for duplicate mxf_read_index_entry_array()

Michael Niedermayer michael at niedermayer.cc
Thu Dec 9 14:41:32 EET 2021


On Wed, Dec 08, 2021 at 12:41:43AM +0100, Tomas Härdin wrote:
> On Sun, 2021-12-05 at 22:19 +0100, Michael Niedermayer wrote:
> > Fixes: memleak
> > Fixes: 41596/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-
> > 6439060204290048
> > 
> > Found-by: continuous fuzzing process
> > https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> > Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> > ---
> >  libavformat/mxfdec.c | 3 +++
> >  1 file changed, 3 insertions(+)
> > 
> > diff --git a/libavformat/mxfdec.c b/libavformat/mxfdec.c
> > index c231c944c01..1d501982793 100644
> > --- a/libavformat/mxfdec.c
> > +++ b/libavformat/mxfdec.c
> > @@ -1111,6 +1111,9 @@ static int
> > mxf_read_index_entry_array(AVIOContext *pb, MXFIndexTableSegment *seg
> >  {
> >      int i, length;
> >  
> > +    if (segment->temporal_offset_entries)
> > +        return AVERROR_INVALIDDATA;
> > +
> >      segment->nb_index_entries = avio_rb32(pb);
> >  
> >      length = avio_rb32(pb);
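
Review bot: the new guard at the top of mxf_read_index_entry_array() keys only on segment->temporal_offset_entries, and nothing in the hunk says why a non-NULL pointer there means the array was already read. A one-line comment stating that a non-NULL value marks an IndexEntryArray already parsed for this segment, and that a second one is rejected to avoid the leak named in the commit message, would make the intent clear. Because the return comes before either avio_rb32() call, the caller gets a bare AVERROR_INVALIDDATA with no message; an av_log() line naming the duplicate array would make rejected files easier to triage from fuzzer or user reports.
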
> 
> Should be OK. Not sure if the spec allows multiple IndexEntryArrays per
> index table, but this at least shouldn't break anything since it
> wouldn't have been working correctly before either way.

will apply

thx

[...]
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

If you drop bombs on a foreign country and kill a hundred thousand
innocent people, expect your government to call the consequence
"unprovoked inhuman terrorist attacks" and use it to justify dropping
more bombs and killing more people. The technology changed, the idea is old.