This is an automated email from the git hooks/post-receive script.
Git pushed a commit to branch master
in repository ffmpeg.
The following commit(s) were added to refs/heads/master by this push:
new 40cafc25cf avcodec/mdec: Check input space vs minimal block size
40cafc25cf is described below
commit 40cafc25cfc435e91ff3862cd9489573f6a38dc1
Author: Michael Niedermayer <[email protected]>
AuthorDate: Fri Feb 6 22:37:53 2026 +0100
Commit: Michael Niedermayer <[email protected]>
CommitDate: Mon Feb 23 22:54:38 2026 +0100
avcodec/mdec: Check input space vs minimal block size
Fixes: Timeout
Fixes:
481006706/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MDEC_fuzzer-6122832651419648
Found-by: continuous fuzzing process
https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <[email protected]>
---
libavcodec/mdec.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/libavcodec/mdec.c b/libavcodec/mdec.c
index c8865d7c63..6ea64a8a3b 100644
--- a/libavcodec/mdec.c
+++ b/libavcodec/mdec.c
@@ -174,6 +174,9 @@ static int decode_frame(AVCodecContext *avctx, AVFrame
*frame,
int buf_size = avpkt->size;
int ret;
+ if (a->mb_width * a->mb_height * 3 > buf_size)
+ return AVERROR_INVALIDDATA;
+
if ((ret = ff_thread_get_buffer(avctx, frame, 0)) < 0)
return ret;
_______________________________________________
ffmpeg-cvslog mailing list -- [email protected]
To unsubscribe send an email to [email protected]
