Re: [FFmpeg-devel] [PATCH] avcodec/wmv2dec: Check end of bitstream in parse_mb_skip() and ff_wmv2_decode_mb()

On Fri, Oct 27, 2017 at 10:09:12PM +0200, Michael Niedermayer wrote: > Fixes: Timeout > Fixes: 3200/clusterfuzz-testcase-5750022136135680 > > Found-by: continuous fuzzing process > https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg > Signed-off-by: Michael Niedermayer

[FFmpeg-devel] [PATCH] avcodec/wmv2dec: Check end of bitstream in parse_mb_skip() and ff_wmv2_decode_mb()

Fixes: Timeout Fixes: 3200/clusterfuzz-testcase-5750022136135680 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer --- libavcodec/wmv2dec.c | 18 -- 1 file changed, 16

Re: [FFmpeg-devel] [PATCH] avcodec/wmv2dec: Check end of bitstream in parse_mb_skip() and ff_wmv2_decode_mb()

On Thu, Oct 26, 2017 at 02:20:28PM +0100, Derek Buitenhuis wrote: > On 10/26/2017 11:47 AM, Michael Niedermayer wrote: > > +if (get_bits_left(>gb) < 0) { > > +return AVERROR_INVALIDDATA; > > +} > > Is this possible? I don't see where get_bits.h is include > in this (probably deep

Re: [FFmpeg-devel] [PATCH] avcodec/wmv2dec: Check end of bitstream in parse_mb_skip() and ff_wmv2_decode_mb()

On 10/26/2017 11:47 AM, Michael Niedermayer wrote: > +if (get_bits_left(>gb) < 0) { > +return AVERROR_INVALIDDATA; > +} Is this possible? I don't see where get_bits.h is include in this (probably deep in some other header), so can't see if it's using the unchecked reader. - Derek

[FFmpeg-devel] [PATCH] avcodec/wmv2dec: Check end of bitstream in parse_mb_skip() and ff_wmv2_decode_mb()

Fixes: Timeout Fixes: 3200/clusterfuzz-testcase-5750022136135680 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer --- libavcodec/wmv2dec.c | 18 -- 1 file changed, 16