[FFmpeg-devel] [PATCH 4/6] avformat/flvdec: Check for nesting depth in amf_parse_object()
Anton Khirnov
anton at khirnov.net
Sun Jan 24 15:14:43 EET 2021
Quoting Michael Niedermayer (2021-01-23 23:10:54)
> Fixes: out of array access
> Fixes: 29202/clusterfuzz-testcase-minimized-ffmpeg_dem_KUX_fuzzer-5112845840809984
>
> Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> ---
> libavformat/flvdec.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/libavformat/flvdec.c b/libavformat/flvdec.c
> index 07ef342278..e15be0a221 100644
> --- a/libavformat/flvdec.c
> +++ b/libavformat/flvdec.c
> @@ -41,6 +41,8 @@
>
> #define RESYNC_BUFFER_SIZE (1<<20)
>
> +#define MAX_DEPTH 10
Why 10 specifically. And which buffer overflows?
--
Anton Khirnov
More information about the ffmpeg-devel
mailing list