RepoMirrors
/
ffmpeg
mirror of https://git.ffmpeg.org/ffmpeg.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

avcodec/jpegxl_parser: Check for ctx->skip overflow 

Fixes: out of array access
Fixes: 62113/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5025082076168192

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This commit is contained in:
Michael Niedermayer 2023-09-10 02:37:47 +02:00
parent d2e8974699
commit ca09d8a0dc
No known key found for this signature in database
GPG Key ID: B18E8928B3948D64
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
libavcodec/jpegxl_parser.c
View File

@ -1326,7 +1326,7 @@ static int skip_boxes(JXLParseContext *ctx, const uint8_t *buf, int buf_size)
if (!size)
return AVERROR_INVALIDDATA;
/* invalid ISOBMFF size */
if (size <= head_size + 4)
if (size <= head_size + 4 || size > INT_MAX - ctx->skip)
return AVERROR_INVALIDDATA;
ctx->skip += size;