On Fri, Dec 11, 2020 at 02:56:10PM +0100, Anton Khirnov wrote:
> Quoting Michael Niedermayer (2020-12-11 11:00:01)
> > Fixes: infinite loop
> > Fixes: 27834/clusterfuzz-testcase-minimized-ffmpeg_dem_IFF_fuzzer-5694930919620608
> > 
> > Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> > Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
> > ---
> >  libavformat/iff.c | 3 +++
> >  1 file changed, 3 insertions(+)
> > 
> > diff --git a/libavformat/iff.c b/libavformat/iff.c
> > index f017684620..0f570e4b26 100644
> > --- a/libavformat/iff.c
> > +++ b/libavformat/iff.c
> > @@ -402,6 +402,9 @@ static int read_dst_frame(AVFormatContext *s, AVPacket 
> > *pkt)
> >              break;
> >          }
> >  
> > +        if (data_size >= INT64_MAX)
> > +            return AVERROR_INVALIDDATA;
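
Review bot: the added check after the closing brace rejects only
data_size >= INT64_MAX, and neither the code nor the commit message says
how that value produces the infinite loop. Add a one-line comment stating
the reason, and confirm that values just below INT64_MAX cannot trigger
the same behaviour; if they can, the bound should be derived from what
the loop does with data_size rather than from the type limit.
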
> 
> Wouldn't the existing check right above the switch be a more appropriate
> place for this?

yes, I'll merge it in there and will apply

thx

[...]
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Take away the freedom of one citizen and you will be jailed, take away
the freedom of all citizens and you will be congratulated by your peers
in Parliament.

_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel