virtualenv/FFmpeg
1
0
Fork 0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2025-10-30 23:18:11 +02:00
Code Issues Releases Activity

avcodec/hq_hqa: Check available space before reading slice offsets

Browse Source 
Fixes: Timeout (43sec -> 18sec)
Fixes: 14556/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HQ_HQA_fuzzer-5673543024508928

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This commit is contained in:
Michael Niedermayer
2019-05-11 23:05:47 +02:00
parent e5ce105149
commit 407e7c34ca
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
libavcodec/hq_hqa.c
View File

@@ -248,6 +248,9 @@ static int hqa_decode_frame(HQContext *ctx, AVFrame *pic, size_t data_size)
int width, height, quant;
const uint8_t *src = ctx->gbc.buffer;
if (bytestream2_get_bytes_left(&ctx->gbc) < 8 + 4*(num_slices + 1))
return AVERROR_INVALIDDATA;
width = bytestream2_get_be16(&ctx->gbc);
height = bytestream2_get_be16(&ctx->gbc);