From 46e3bc2ebd21b215edce773de7c498121c1be766 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer
Date: Mon, 19 Aug 2024 21:01:44 +0200
Subject: [PATCH] tools/target_swr_fuzzer: Check av_samples_fill_arrays() for failure
Fixes: use of uninitialized value
Fixes: 71242/clusterfuzz-testcase-minimized-ffmpeg_SWR_fuzzer-4905557943713792
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer
---
 tools/target_swr_fuzzer.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/tools/target_swr_fuzzer.c b/tools/target_swr_fuzzer.c
index f2d8ec49c0..b6cdb72a56 100644
--- a/tools/target_swr_fuzzer.c
+++ b/tools/target_swr_fuzzer.c
@@ -83,6 +83,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
 int in_sample_nb;
 int out_sample_nb = size;
 int count;
+ int ret;
 if (size > 128) {
 GetByteContext gbc;
@@ -132,8 +133,12 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
 if (!out_data) goto end;
- av_samples_fill_arrays(ain , NULL, data, in_ch_count, in_sample_nb, in_sample_fmt, 1);
- av_samples_fill_arrays(aout, NULL, out_data, out_ch_count, out_sample_nb, out_sample_fmt, 1);
+ ret = av_samples_fill_arrays(ain , NULL, data, in_ch_count, in_sample_nb, in_sample_fmt, 1);
+ if (ret < 0)
+ goto end;
+ ret = av_samples_fill_arrays(aout, NULL, out_data, out_ch_count, out_sample_nb, out_sample_fmt, 1);
+ if (ret < 0)
+ goto end;
 count = swr_convert(swr, aout, out_sample_nb, (const uint8_t **)ain, in_sample_nb);
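Review bot: Nothing near the new `if (ret < 0) goto end;` checks in the second hunk says why `av_samples_fill_arrays()` can fail in this harness, so a later cleanup could drop them again. A one-line comment above the first call would record it, for example `/* counts and formats are fuzzer-controlled; on failure ain/aout may be left unfilled */`. On success the call returns the buffer size it requires, and that value is discarded here. If `in_sample_nb` and the `out_data` allocation, both computed outside this hunk, are not already bounded to match, comparing `ret` with the bytes actually available for `data` and `out_data` would be a cheap extra guard before `swr_convert()`. The function body starts and ends outside the hunk, so the `end:` cleanup path cannot be checked from here.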