1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2025-01-19 05:49:09 +02:00

avcodec/scpr: Check for min > max in decompress_p()

Fixes: Timeout
Fixes: 9342/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SCPR_fuzzer-4795990841229312

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3378194ce8e9a126a7cc6ed57bedde1221790469)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This commit is contained in:
Michael Niedermayer 2018-08-04 23:45:52 +02:00
parent cd42c19f53
commit b95c209a61

@ -526,6 +526,9 @@ static int decompress_p(AVCodecContext *avctx,
return ret;
max += temp << 8;
if (min > max)
return AVERROR_INVALIDDATA;
memset(s->blocks, 0, sizeof(*s->blocks) * s->nbcount);
while (min <= max) {