From 24bd01ea65eb5a9902a0ce8e38f82dcec7117f87 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michael@niedermayer.cc>
Date: Sun, 5 May 2024 03:14:26 +0200
Subject: [PATCH] tools/target_enc_fuzzer: Only read pix_fmts if its set

Fixes: null pointer dereference
Fixes: rawvideo encoder

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
 tools/target_enc_fuzzer.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/tools/target_enc_fuzzer.c b/tools/target_enc_fuzzer.c
index 1749f6905b..0345595ada 100644
--- a/tools/target_enc_fuzzer.c
+++ b/tools/target_enc_fuzzer.c
@@ -130,10 +130,12 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
 
         flags64 = bytestream2_get_le64(&gbc);
 
-        int npixfmts = 0;
-        while (c->p.pix_fmts[npixfmts++] != AV_PIX_FMT_NONE)
-            ;
-        ctx->pix_fmt = c->p.pix_fmts[bytestream2_get_byte(&gbc) % npixfmts];
+        if (c->p.pix_fmts) {
+            int npixfmts = 0;
+            while (c->p.pix_fmts[npixfmts++] != AV_PIX_FMT_NONE)
+                ;
+            ctx->pix_fmt = c->p.pix_fmts[bytestream2_get_byte(&gbc) % npixfmts];
+        }
 
         switch (c->p.id) {
         case AV_CODEC_ID_FFV1:{