]> git.sesse.net Git - ffmpeg/commitdiff
projects / ffmpeg / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 161495a)
avcodec/wmalosslessdec: Check remaining space before padding and channel residue
authorMichael Niedermayer <michael@niedermayer.cc>
Sun, 13 Sep 2020 19:12:17 +0000 (21:12 +0200)
committerMichael Niedermayer <michael@niedermayer.cc>
Wed, 16 Sep 2020 22:06:48 +0000 (00:06 +0200)
Fixes: Timeout (1101sec -> 0.4sec)
Fixes: 24491/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5725337036783616
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
libavcodec/wmalosslessdec.c patch | blob | history

diff --git a/libavcodec/wmalosslessdec.c b/libavcodec/wmalosslessdec.c
index 725e811070dd8be51aa240f9a5457f9d1e88782c..b8d0f6220d8e89f93a68ced2f886cce5ca17adba 100644 (file)
--- a/libavcodec/wmalosslessdec.c
+++ b/libavcodec/wmalosslessdec.c
@@ -932,6 +932,8 @@ static int decode_subframe(WmallDecodeCtx *s)
             s->do_lpc = 0;
     }
 
+    if (get_bits_left(&s->gb) < 1)
+        return AVERROR_INVALIDDATA;
 
     if (get_bits1(&s->gb))
         padding_zeroes = get_bits(&s->gb, 5);
Unnamed repository; edit this file 'description' to name the repository.