On 11/9/18, Carl Eugen Hoyos <ceffm...@gmail.com> wrote:
> 2018-11-09 10:31 GMT+01:00, Michael Niedermayer <mich...@niedermayer.cc>:
>> method 0 (inflate/deflate) is the only specified in the specification and
>> the only supported
>>
>> Fixes: Timeout
>> Fixes: 10976/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PNG_fuzzer-5729372588736512
>>
>> Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
>> Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
>> ---
>>  libavcodec/pngdec.c | 4 ++++
>>  1 file changed, 4 insertions(+)
>>
>> diff --git a/libavcodec/pngdec.c b/libavcodec/pngdec.c
>> index 01144680f2..189bb9a4c1 100644
>> --- a/libavcodec/pngdec.c
>> +++ b/libavcodec/pngdec.c
>> @@ -578,6 +578,10 @@ static int decode_ihdr_chunk(AVCodecContext *avctx, PNGDecContext *s,
>>      }
>>      s->color_type = bytestream2_get_byte(&s->gb);
>>      s->compression_type = bytestream2_get_byte(&s->gb);
>> +    if (s->compression_type) {
>> +        av_log(avctx, AV_LOG_ERROR, "Invalid compression method %d\n", s->compression_type);
>> +        goto error;
>
> Would the native FFmpeg zlib decompression code - if merged - avoid this
> issue?
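Review bot: the IHDR filter method byte, which the PNG specification constrains to 0 exactly as it does the compression method rejected in this hunk, deserves the same `if (...) { av_log(...); goto error; }` treatment in decode_ihdr_chunk; as quoted, only compression_type is checked. The quoted hunk also stops at `goto error;`, so the return value on that path is not visible here; for a malformed header it should be AVERROR_INVALIDDATA rather than a generic failure, and the log message could name the only valid value (0) so the rejection is self-explanatory.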
No.

_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
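The patch above rejects a PNG header whose compression method is not 0 before any decoding work is done. The following stand-alone C program is an added example, not FFmpeg's code and not part of this thread: it validates a complete 13-byte IHDR payload against the PNG specification (dimensions, bit depth per colour type, compression method, filter method, interlace method), going beyond the single field the patch checks. All names (`png_ihdr`, `parse_ihdr`, `validate_ihdr_bytes`, the `IHDR_ERR_*` codes) are hypothetical, and the sample payloads are constructed for the example rather than taken from a real file.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical type for this example (not FFmpeg's): parsed IHDR fields. */
typedef struct {
    uint32_t width;
    uint32_t height;
    uint8_t  bit_depth;
    uint8_t  color_type;
    uint8_t  compression;  /* PNG defines only method 0 (deflate/inflate) */
    uint8_t  filter;       /* PNG defines only filter method 0 */
    uint8_t  interlace;    /* 0 = none, 1 = Adam7 */
} png_ihdr;

enum {
    IHDR_OK              =  0,
    IHDR_ERR_LENGTH      = -1,  /* payload is not exactly 13 bytes */
    IHDR_ERR_DIMENSION   = -2,  /* width/height zero or above 2^31-1 */
    IHDR_ERR_DEPTH       = -3,  /* bit depth not allowed for the colour type */
    IHDR_ERR_COMPRESSION = -4,  /* the case the patch above rejects */
    IHDR_ERR_FILTER      = -5,
    IHDR_ERR_INTERLACE   = -6
};

static uint32_t rd32be(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] <<  8) |  (uint32_t)p[3];
}

/* Allowed bit depths per colour type, from the PNG specification's IHDR table. */
static int depth_allowed(uint8_t color_type, uint8_t depth)
{
    switch (color_type) {
    case 0:                  /* greyscale */
        return depth == 1 || depth == 2 || depth == 4 || depth == 8 || depth == 16;
    case 3:                  /* indexed colour */
        return depth == 1 || depth == 2 || depth == 4 || depth == 8;
    case 2: case 4: case 6:  /* truecolour, greyscale+alpha, truecolour+alpha */
        return depth == 8 || depth == 16;
    default:
        return 0;
    }
}

/* Validate a raw IHDR payload (the 13 bytes after the chunk length and type).
 * Returns IHDR_OK and fills *out, or a negative IHDR_ERR_* code. */
int parse_ihdr(const uint8_t *data, size_t len, png_ihdr *out)
{
    png_ihdr h;

    if (len != 13)
        return IHDR_ERR_LENGTH;

    h.width       = rd32be(data);
    h.height      = rd32be(data + 4);
    h.bit_depth   = data[8];
    h.color_type  = data[9];
    h.compression = data[10];
    h.filter      = data[11];
    h.interlace   = data[12];

    if (h.width == 0 || h.height == 0 ||
        h.width > 0x7FFFFFFFu || h.height > 0x7FFFFFFFu)
        return IHDR_ERR_DIMENSION;
    if (!depth_allowed(h.color_type, h.bit_depth))
        return IHDR_ERR_DEPTH;
    if (h.compression != 0)  /* reject before any inflate state is set up */
        return IHDR_ERR_COMPRESSION;
    if (h.filter != 0)
        return IHDR_ERR_FILTER;
    if (h.interlace > 1)
        return IHDR_ERR_INTERLACE;

    *out = h;
    return IHDR_OK;
}

/* Wrapper that discards the parsed fields and returns only the verdict. */
int validate_ihdr_bytes(const uint8_t *data, size_t len)
{
    png_ihdr h;
    return parse_ihdr(data, len, &h);
}

/* Constructed sample payloads (not from a real file): 16x16, colour type 6 (RGBA). */
static const uint8_t ihdr_good[13]         = { 0,0,0,16, 0,0,0,16, 8, 6, 0, 0, 0 };
static const uint8_t ihdr_bad_compress[13] = { 0,0,0,16, 0,0,0,16, 8, 6, 1, 0, 0 };
static const uint8_t ihdr_bad_depth[13]    = { 0,0,0,16, 0,0,0,16, 3, 6, 0, 0, 0 };

int main(void)
{
    png_ihdr h;
    int rc = parse_ihdr(ihdr_good, sizeof ihdr_good, &h);
    printf("good header: rc=%d %ux%u depth=%u type=%u\n", rc,
           (unsigned)h.width, (unsigned)h.height, h.bit_depth, h.color_type);
    printf("compression=1: rc=%d\n",
           validate_ihdr_bytes(ihdr_bad_compress, sizeof ihdr_bad_compress));
    printf("depth=3/type=6: rc=%d\n",
           validate_ihdr_bytes(ihdr_bad_depth, sizeof ihdr_bad_depth));
    return 0;
}
```

The point of checking every header field up front, as the patch does for the compression method, is that the decoder never hands an undefined method to the decompression or filtering stage, which is where an unspecified value can cause the kind of timeout the fuzzer found.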