#11689: [Security] Division by zero on libswscale/utils.c:1408:60
------------------------------------+--------------------------------------
             Reporter:  flyfish101  |                     Type:  defect
               Status:  new         |                 Priority:  important
            Component:  swscale     |                  Version:  git-master
             Keywords:  fuzzer      |               Blocked By:
             Blocking:              |  Reproduced by developer:  0
Analyzed by developer:  0           |
------------------------------------+--------------------------------------
Summary of the bug:
{{{
fuzz@Fuzz2:~/Desktop/projects_oss/FFmpeg/tools/fuzzout/sws_fuzz$ ./target_sws_fuzzer1051 /home/fuzz/Desktop/projects_oss/FFmpeg/tools/fuzzout/sws_fuzz/out_sws_1051/default/crashes/id:000457,sig:08,src:014662_time:386353182_execs:207939645_op:havoc_rep:16
Reading 224 bytes from /home/fuzz/Desktop/projects_oss/FFmpeg/tools/fuzzout/sws_fuzz/out_sws_1051/default/crashes/id:000457,sig:08,src:014662_time:386353182_execs:207939645_op:havoc_rep:16
8 x 474 gray12be -> 8 x 1 yuv410p
libswscale/utils.c:1408:60: runtime error: division by zero
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior libswscale/utils.c:1408:60 in
AddressSanitizer:DEADLYSIGNAL
=================================================================
==1625492==ERROR: AddressSanitizer: FPE on unknown address 0x5555557b8a46 (pc 0x5555557b8a46 bp 0x7fffffffcd70 sp 0x7fffffffcaa0 T0)
    #0 0x5555557b8a46 in ff_sws_init_single_context /home/fuzz/Desktop/projects_oss/FFmpeg/libswscale/utils.c:1408:60
    #1 0x5555559689db in LLVMFuzzerTestOneInput /home/fuzz/Desktop/projects_oss/FFmpeg/tools/./target_sws_fuzzer1051.c:178:11
    #2 0x55555595f37d in ExecuteFilesOnyByOne /home/fuzz/Desktop/DDGF_Project/AFLplusplus/utils/aflpp_driver/aflpp_driver.c:255:7
    #3 0x55555595f188 in LLVMFuzzerRunDriver /home/fuzz/Desktop/DDGF_Project/AFLplusplus/utils/aflpp_driver/aflpp_driver.c
    #4 0x55555595ed48 in main /home/fuzz/Desktop/DDGF_Project/AFLplusplus/utils/aflpp_driver/aflpp_driver.c:300:10
    #5 0x7ffff7c3b082 in __libc_start_main /build/glibc-B3wQXB/glibc-2.31/csu/../csu/libc-start.c:308:16
    #6 0x555555869fdd in _start (/home/fuzz/Desktop/projects_oss/FFmpeg/tools/fuzzout/sws_fuzz/target_sws_fuzzer1051+0x315fdd)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: FPE /home/fuzz/Desktop/projects_oss/FFmpeg/libswscale/utils.c:1408:60 in ff_sws_init_single_context
==1625492==ABORTING
}}}

--
Ticket URL: <https://trac.ffmpeg.org/ticket/11689>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker
_______________________________________________
FFmpeg-trac mailing list
FFmpeg-trac@avcodec.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-trac