ffmpeg | branch: master | Michael Niedermayer <mich...@niedermayer.cc> | Fri May 5 23:00:59 2017 +0200| [a8ad83b793e883b8c6d114f81073a4e40c0308a3] | committer: Michael Niedermayer
avcodec/aacsbr_template: Do not leave bs_num_env invalid Fixes out of array read Fixes: 1349/clusterfuzz-testcase-minimized-5370707196248064 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=a8ad83b793e883b8c6d114f81073a4e40c0308a3 --- libavcodec/aacsbr_template.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/libavcodec/aacsbr_template.c b/libavcodec/aacsbr_template.c index 750131c64c..aaa48ef802 100644 --- a/libavcodec/aacsbr_template.c +++ b/libavcodec/aacsbr_template.c @@ -640,6 +640,7 @@ static int read_sbr_grid(AACContext *ac, SpectralBandReplication *sbr, av_log(ac->avctx, AV_LOG_ERROR, "Invalid bitstream, too many SBR envelopes in FIXFIX type SBR frame: %d\n", ch_data->bs_num_env); + ch_data->bs_num_env = 2; return -1; } @@ -695,6 +696,7 @@ static int read_sbr_grid(AACContext *ac, SpectralBandReplication *sbr, av_log(ac->avctx, AV_LOG_ERROR, "Invalid bitstream, too many SBR envelopes in VARVAR type SBR frame: %d\n", ch_data->bs_num_env); + ch_data->bs_num_env = 2; return -1; } _______________________________________________ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
