Re: [FFmpeg-devel] [PATCH 2/3] avcodec/exr: Check for duplicate channel index
On Tue, Dec 25, 2018 at 11:15:21PM +0100, Michael Niedermayer wrote: > Fixes: Out of memory > Fixes: > 11582/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EXR_fuzzer-5730204559867904 > > Found-by: continuous fuzzing process > https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg > Signed-off-by: Michael Niedermayer > --- > libavcodec/exr.c | 5 + > 1 file changed, 5 insertions(+) will apply [...] -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB When the tyrant has disposed of foreign enemies by conquest or treaty, and there is nothing more to fear from them, then he is always stirring up some war or other, in order that the people may require a leader. -- Plato signature.asc Description: PGP signature ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
[FFmpeg-devel] [PATCH 2/3] avcodec/exr: Check for duplicate channel index
Fixes: Out of memory Fixes: 11582/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EXR_fuzzer-5730204559867904 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer --- libavcodec/exr.c | 5 + 1 file changed, 5 insertions(+) diff --git a/libavcodec/exr.c b/libavcodec/exr.c index 5253cc3f13..13755e1e6e 100644 --- a/libavcodec/exr.c +++ b/libavcodec/exr.c @@ -1463,6 +1463,11 @@ static int decode_header(EXRContext *s, AVFrame *frame) } s->pixel_type = current_pixel_type; s->channel_offsets[channel_index] = s->current_channel_offset; +} else if (channel_index >= 0) { +av_log(s->avctx, AV_LOG_ERROR, +"Multiple channels with index %d.\n", channel_index); +ret = AVERROR_INVALIDDATA; +goto fail; } s->channels = av_realloc(s->channels, -- 2.20.1 ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel