1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2025-01-13 21:28:01 +02:00

avcodec/dcadec: Do not explode EAGAIN

Fixes: out of array access
Fixes: 62164/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DCA_fuzzer-6041088751960064

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This commit is contained in:
James Almer 2023-09-17 00:05:18 +02:00 committed by Michael Niedermayer
parent 42b20c93ae
commit 13d22dc454
No known key found for this signature in database
GPG Key ID: B18E8928B3948D64

View File

@ -217,11 +217,10 @@ static int dcadec_decode_frame(AVCodecContext *avctx, AVFrame *frame,
if (asset && (asset->extension_mask & DCA_EXSS_XLL)) { if (asset && (asset->extension_mask & DCA_EXSS_XLL)) {
if ((ret = ff_dca_xll_parse(&s->xll, input, asset)) < 0) { if ((ret = ff_dca_xll_parse(&s->xll, input, asset)) < 0) {
// Conceal XLL synchronization error // Conceal XLL synchronization error
if (ret == AVERROR(EAGAIN) if (ret == AVERROR(EAGAIN)) {
&& (prev_packet & DCA_PACKET_XLL) if ((prev_packet & DCA_PACKET_XLL) && (s->packet & DCA_PACKET_CORE))
&& (s->packet & DCA_PACKET_CORE)) s->packet |= DCA_PACKET_XLL | DCA_PACKET_RECOVERY;
s->packet |= DCA_PACKET_XLL | DCA_PACKET_RECOVERY; } else if (ret == AVERROR(ENOMEM) || (avctx->err_recognition & AV_EF_EXPLODE))
else if (ret == AVERROR(ENOMEM) || (avctx->err_recognition & AV_EF_EXPLODE))
return ret; return ret;
} else { } else {
s->packet |= DCA_PACKET_XLL; s->packet |= DCA_PACKET_XLL;