avcodec/imm4: Check input size

Fixes: Timeout
Fixes: 71324/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IMM4_fuzzer-5388489435185152

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer 2024-09-22 22:47:03 +02:00
parent 050b5e85cb
commit 8367d7e184
No known key found for this signature in database
GPG Key ID: B18E8928B3948D64
1 changed files with 4 additions and 0 deletions


@ -453,6 +453,10 @@ static int decode_frame(AVCodecContext *avctx, AVFrame *frame,
if (ret < 0) if (ret < 0)
return ret; return ret;
if (((avctx->width + 15) / 16) * ((avctx->height + 15) / 16) > get_bits_left(gb))
return AVERROR_INVALIDDATA;
if ((ret = ff_get_buffer(avctx, frame, (frame->flags & AV_FRAME_FLAG_KEY) ? AV_GET_BUFFER_FLAG_REF : 0)) < 0) if ((ret = ff_get_buffer(avctx, frame, (frame->flags & AV_FRAME_FLAG_KEY) ? AV_GET_BUFFER_FLAG_REF : 0)) < 0)
return ret; return ret;
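Review bot: The size check added before `ff_get_buffer()` carries no comment stating the assumption behind it, which appears to be that every 16x16 block costs at least one bit of input, so a packet with fewer bits left than blocks cannot hold a complete frame. A line such as `/* each 16x16 block needs at least one bit; reject truncated input before allocating the frame */` above the condition would let a maintainer check the bound against the block decoders. The product of the two block counts is computed in plain `int`, so it depends on width and height having been range-checked earlier in `decode_frame`; that validation is not visible in this hunk and should be confirmed. `decode_frame` starts and ends outside the hunk.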