virtualenv/FFmpeg
1
0
Fork 0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2025-08-15 14:13:16 +02:00
Code Issues Releases Activity

avcodec/ituh263dec: Fix runtime error: left shift of 1342177279 by 1 places cannot be represented in type 'int'

Browse Source 
Fixes: 659/clusterfuzz-testcase-5866673603084288

Huge DMV could be created by an encoder ignoring the spec

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This commit is contained in:
Michael Niedermayer
2017-02-23 23:46:30 +01:00
parent e98dfeb27c
commit 0d85c7bb5a
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
libavcodec/ituh263dec.c
View File

@@ -303,6 +303,10 @@ static int h263p_decode_umotion(MpegEncContext * s, int pred)
{ {
code <<= 1; code <<= 1;
code += get_bits1(&s->gb); code += get_bits1(&s->gb);
if (code >= 32768) {
avpriv_request_sample(s->avctx, "Huge DMV");
return AVERROR_INVALIDDATA;
}
} }
sign = code & 1; sign = code & 1;
code >>= 1; code >>= 1;