virtualenv/FFmpeg
1
0
Fork 0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2025-09-16 08:36:51 +02:00
Code Issues Releases Activity

avcodec/hdrdec: Update w in inner loop of decompress()

Browse Source 
Fixes: out of array access
Fixes: 50936/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HDR_fuzzer-5423041009549312

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This commit is contained in:
Michael Niedermayer
2022-09-11 13:03:54 +02:00
parent 3993345f91
commit 14e99cb472
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
libavcodec/hdrdec.c
View File

@@ -70,8 +70,8 @@ static int decompress(uint8_t *scanline, int w, GetByteContext *gb, const uint8_
for (int i = run << rshift; i > 0 && w > 0 && scanline >= start + 4; i--) {
memcpy(scanline, scanline - 4, 4);
scanline += 4;
w -= 4;
}
w -= run << rshift;
rshift += 8;
if (rshift > 16)
break;