On 2/11/20 9:40 pm, Anton Khirnov wrote: > > Quoting Michael Niedermayer (2020-10-30 22:52:02) >> Fixes: division by 0 >> Fixes: >> 26667/clusterfuzz-testcase-minimized-ffmpeg_dem_ARGO_BRP_fuzzer-5645146928185344.fuzz >> >> Found-by: continuous fuzzing process >> https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg >> Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> >> --- >> libavformat/argo_brp.c | 2 +- >> 1 file changed, 1 insertion(+), 1 deletion(-) >> >> diff --git a/libavformat/argo_brp.c b/libavformat/argo_brp.c >> index 48e0cd6aa4..7c679e944c 100644 >> --- a/libavformat/argo_brp.c >> +++ b/libavformat/argo_brp.c >> @@ -390,7 +390,7 @@ static int argo_brp_read_packet(AVFormatContext *s, >> AVPacket *pkt) >> >> blk.size -= ASF_CHUNK_HEADER_SIZE; >> >> - if (blk.size % st->codecpar->block_align != 0) >> + if (st->codecpar->block_align && blk.size % >> st->codecpar->block_align != 0) > > Shouldn't block_align==0 also trigger an error? >
block_align should never be zero for adpcm_argo (is always 17 or 34), so this looks like a validation error in ff_argo_asf_fill_stream(). I'll investigate.
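Review bot: the new `st->codecpar->block_align &&` guard in argo_brp_read_packet() lets a stream with block_align == 0 skip the alignment check entirely and continue as if the block were valid. The modulo no longer divides by zero, but the invalid state is accepted silently rather than rejected. Since the reply says block_align is always 17 or 34 for this codec, zero should take the error path, for example `if (!st->codecpar->block_align || blk.size % st->codecpar->block_align != 0)`. Better still, reject it where the stream parameters are filled in (ff_argo_asf_fill_stream() is named in the reply), so the packet reader never sees a zero value. If the guard is kept as is, a comment at this line should state why zero is tolerated here.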