[FFmpeg-devel] [PATCH 04/13] avcodec/h263dec: Clean intra tables in decoder, not ff_mpv_reconstruct_mb
Michael Niedermayer
michael at niedermayer.cc
Sun Sep 22 15:08:24 EEST 2024
Hi
On Mon, Jul 01, 2024 at 02:16:01PM +0200, Andreas Rheinhardt wrote:
> This is a more appropriate place than a function designed
> to reconstruct a macroblock. It furthermore limits these checks
> to the codecs that actually need it (and removes it from e.g.
> RV10 and RV20 -- the latter actually uses these buffers, but
> only for intra-frames, so they don't need to be cleaned
> manually).
>
> This furthermore means that ff_mpv_reconstruct_mb() and therefore
> also the error-resilience code no longer needs block_index set.
> This fixes a crash caused by 65d5ccb808ec93de46a2458ea8cc082ce4460f34
> when ff_mpv_reconstruct_mb() is called by VC-1 code without
> block_index being initialized properly (VC-1 uses and initializes
> block_index itself normally).
>
> Fixes: 69814/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1_fuzzer-4868081575329792
> Fixes: heap-buffer-overflow
confirmed that it fixes 69814
please apply
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
Any man who breaks a law that conscience tells him is unjust and willingly
accepts the penalty by staying in jail in order to arouse the conscience of
the community on the injustice of the law is at that moment expressing the
very highest respect for law. - Martin Luther King Jr
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20240922/0acdc10e/attachment.sig>
More information about the ffmpeg-devel
mailing list