RepoMirrors
/
ffmpeg
mirror of https://git.ffmpeg.org/ffmpeg.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

avcodec/h264_slice: Check idr_pic_id 

Fixes: left shift of negative value -1
Fixes: 39223/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_H264_fuzzer-5498831521841152

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This commit is contained in:
Michael Niedermayer 2021-09-29 20:59:56 +02:00
parent d88d0370d5
commit f054871a65
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
libavcodec/h264_slice.c
View File

@ -1911,8 +1911,13 @@ static int h264_slice_header_parse(const H264Context *h, H264SliceContext *sl,
sl->max_pic_num = 1 << (sps->log2_max_frame_num + 1);
}
if (nal->type == H264_NAL_IDR_SLICE)
sl->idr_pic_id = get_ue_golomb_long(&sl->gb);
if (nal->type == H264_NAL_IDR_SLICE) {
unsigned idr_pic_id = get_ue_golomb_long(&sl->gb);
if (idr_pic_id < 65536) {
sl->idr_pic_id = idr_pic_id;
} else
av_log(h->avctx, AV_LOG_WARNING, "idr_pic_id is invalid\n");
}
sl->poc_lsb = 0;
sl->delta_poc_bottom = 0;