RepoMirrors
/
ffmpeg
mirror of https://git.ffmpeg.org/ffmpeg.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

avcodec/cbs_h265_syntax_template: 

Fixes: Assertion width > 0 && width <= 32 failed
Fixes: 71012/clusterfuzz-testcase-minimized-ffmpeg_BSF_HEVC_METADATA_fuzzer-6073354744823808

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This commit is contained in:
Michael Niedermayer 2024-08-17 01:15:02 +02:00
parent 8657eb9c3f
commit 043875941f
No known key found for this signature in database
GPG Key ID: B18E8928B3948D64
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
libavcodec/cbs_h265_syntax_template.c
View File

@ -2307,6 +2307,12 @@ SEI_FUNC(sei_3d_reference_displays_info, (CodedBitstreamContext *ctx, RWContext
else else
length = FFMAX(0, (int)current->exponent_ref_display_width[i] + length = FFMAX(0, (int)current->exponent_ref_display_width[i] +
(int)current->prec_ref_display_width - 31); (int)current->prec_ref_display_width - 31);
if (length > 32) {
av_log(ctx->log_ctx, AV_LOG_ERROR, "refDispWidthBits > 32 is not supported\n");
return AVERROR_PATCHWELCOME;
}
if (length) if (length)
ubs(length, mantissa_ref_display_width[i], 1, i); ubs(length, mantissa_ref_display_width[i], 1, i);
else else
@ -2318,6 +2324,12 @@ SEI_FUNC(sei_3d_reference_displays_info, (CodedBitstreamContext *ctx, RWContext
else else
length = FFMAX(0, (int)current->exponent_ref_viewing_distance[i] + length = FFMAX(0, (int)current->exponent_ref_viewing_distance[i] +
(int)current->prec_ref_viewing_dist - 31); (int)current->prec_ref_viewing_dist - 31);
if (length > 32) {
av_log(ctx->log_ctx, AV_LOG_ERROR, "refViewDistBits > 32 is not supported\n");
return AVERROR_PATCHWELCOME;
}
if (length) if (length)
ubs(length, mantissa_ref_viewing_distance[i], 1, i); ubs(length, mantissa_ref_viewing_distance[i], 1, i);
else else