]> git.sesse.net Git - ffmpeg/commitdiff
projects / ffmpeg / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: df7e79a)
avcodec/loco: Check left column value
authorMichael Niedermayer <michael@niedermayer.cc>
Mon, 12 Aug 2019 19:17:04 +0000 (21:17 +0200)
committerMichael Niedermayer <michael@niedermayer.cc>
Wed, 14 Aug 2019 23:26:21 +0000 (01:26 +0200)
Fixes: Timeout (42sec -> 379 ms)
Fixes: 16323/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_LOCO_fuzzer-5679178099195904
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
libavcodec/loco.c patch | blob | history

diff --git a/libavcodec/loco.c b/libavcodec/loco.c
index 5fb414b4111cbad00edfaa49d29b58645905908b..d8bf68a1009836eba439846b18df653b82527e80 100644 (file)
--- a/libavcodec/loco.c
+++ b/libavcodec/loco.c
@@ -161,6 +161,8 @@ static int loco_decode_plane(LOCOContext *l, uint8_t *data, int width, int heigh
     for (j = 1; j < height; j++) {
         /* restore left column */
         val = loco_get_rice(&rc);
+        if (val == INT_MIN)
+           return AVERROR_INVALIDDATA;
         data[0] = data[-stride] + val;
         /* restore all other pixels */
         for (i = 1; i < width; i++) {
Unnamed repository; edit this file 'description' to name the repository.