]> git.sesse.net Git - ffmpeg/commitdiff
projects / ffmpeg / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: c000a91)
avcodec/fmvc: avoid copying uninitialized data
authorMichael Niedermayer <michael@niedermayer.cc>
Tue, 2 Feb 2021 21:29:25 +0000 (22:29 +0100)
committerMichael Niedermayer <michael@niedermayer.cc>
Sun, 14 Feb 2021 18:55:02 +0000 (19:55 +0100)
Fixes: Timeout
Fixes: 30049/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FMVC_fuzzer-5986909455253504
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
libavcodec/fmvc.c patch | blob | history

diff --git a/libavcodec/fmvc.c b/libavcodec/fmvc.c
index 5bee96a18de4d4f4385a7161960f7dcc925d2a4c..3701b0849b79c48a26fbd34a83fe80ecb0092f66 100644 (file)
--- a/libavcodec/fmvc.c
+++ b/libavcodec/fmvc.c
@@ -440,6 +440,8 @@ static int decode_frame(AVCodecContext *avctx, void *data,
             memcpy(dst, src, avctx->width * s->bpp);
             dst -= frame->linesize[0];
             src += s->stride * 4;
+            if (bytestream2_tell_p(pb) < y*s->stride * 4)
+                break;
         }
     } else {
         unsigned block, nb_blocks;
Unnamed repository; edit this file 'description' to name the repository.