virtualenv/FFmpeg
1
0
Fork 0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2025-08-10 06:10:52 +02:00
Code Issues Releases Activity

avcodec/alsdec: Set channels from data after data is set

Browse Source 
Fixes: out of array write
Fixes: 45624/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALS_fuzzer-6473487382872064
Fixes: 45626/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALS_fuzzer-4874997192065024

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This commit is contained in:
Michael Niedermayer
2022-03-18 00:11:28 +01:00
parent b59ea948cd
commit 31916d3d9f
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
libavcodec/alsdec.c
View File

@@ -1986,7 +1986,7 @@ static av_cold int decode_init(AVCodecContext *avctx)
unsigned int c; unsigned int c;
unsigned int channel_size; unsigned int channel_size;
int num_buffers, ret; int num_buffers, ret;
int channels = avctx->ch_layout.nb_channels; int channels;
ALSDecContext *ctx = avctx->priv_data; ALSDecContext *ctx = avctx->priv_data;
ALSSpecificConfig *sconf = &ctx->sconf; ALSSpecificConfig *sconf = &ctx->sconf;
ctx->avctx = avctx; ctx->avctx = avctx;
@@ -2000,6 +2000,7 @@ static av_cold int decode_init(AVCodecContext *avctx)
av_log(avctx, AV_LOG_ERROR, "Reading ALSSpecificConfig failed.\n"); av_log(avctx, AV_LOG_ERROR, "Reading ALSSpecificConfig failed.\n");
return ret; return ret;
} }
channels = avctx->ch_layout.nb_channels;
if ((ret = check_specific_config(ctx)) < 0) { if ((ret = check_specific_config(ctx)) < 0) {
return ret; return ret;