Chiebot-Mirror
/
FFmpeg
8
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

avcodec/speedhq: Check width

Browse Source 
Fixes: out of array access
Fixes: 50014/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SPEEDHQ_fuzzer-4748914632294400

Alternatively the buffer size can be increased

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
pull/388/head
Michael Niedermayer 3 years ago
parent 6195a0ee19
commit f0395f9ef6
No known key found for this signature in database
GPG Key ID: B18E8928B3948D64
1 changed files with 1 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      libavcodec/speedhq.c

2
libavcodec/speedhq.c
Unescape View File

@ -498,7 +498,7 @@ static int speedhq_decode_frame(AVCodecContext *avctx, AVFrame *frame,
uint32_t second_field_offset;
int ret;
if (buf_size < 4 || avctx->width < 8)
if (buf_size < 4 || avctx->width < 8 || avctx->width % 8 != 0)
return AVERROR_INVALIDDATA;
quality = buf[0];

Write Preview
Loading…
Cancel
Save