On Fri, Mar 19, 2021 at 01:19:28AM +0100, Andreas Rheinhardt wrote: > Michael Niedermayer: > > On Fri, Mar 19, 2021 at 12:20:23AM +0100, Andreas Rheinhardt wrote: > >> Michael Niedermayer: > >>> Fixes: null pointer dereference > >>> Fixes: > >>> 31588/clusterfuzz-testcase-minimized-ffmpeg_dem_AVI_fuzzer-6165716135968768 > >>> > >>> Found-by: continuous fuzzing process > >>> https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg > >>> Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> > >>> --- > >>> libavformat/avidec.c | 2 +- > >>> 1 file changed, 1 insertion(+), 1 deletion(-) > >>> > >>> diff --git a/libavformat/avidec.c b/libavformat/avidec.c > >>> index fa0599501a..48370fe5ce 100644 > >>> --- a/libavformat/avidec.c > >>> +++ b/libavformat/avidec.c > >>> @@ -1288,7 +1288,7 @@ start_sync: > >>> AVStream *st1 = s->streams[1]; > >>> AVIStream *ast1 = st1->priv_data; > >>> // workaround for broken small-file-bug402.avi > >>> - if ( d[2] == 'w' && d[3] == 'b' > >>> + if (ast1 && d[2] == 'w' && d[3] == 'b' > >>> && n == 0 > >>> && st ->codecpar->codec_type == AVMEDIA_TYPE_VIDEO > >>> && st1->codecpar->codec_type == AVMEDIA_TYPE_AUDIO > >>> > >> How is this possible? After all, dv streams also have an AVIStream as > > > > The DV demuxer creates streams in dv_extract_audio_info() without a > > AVIStream > > > > That explains it. Thanks. Patch is fine by me,
will apply
thx

> but I haven't looked at
> it in detail. But neither dv nor avi set the AVFMTCTX_NOHEADER flag, so
> adding streams later is an API violation.
>
> >
> >> priv_data; and only the very first stream can ever be a dv stream due to
> >> the check in line 605.
> >
> > I assume they are created after that check
> >
> >
>
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel@ffmpeg.org
> https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>
> To unsubscribe, visit link above, or email
> ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".

--
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Does the universe only have a finite lifespan? No, it's going to go on
forever, it's just that you won't like living in it. -- Hiranya Peiri
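Review bot: the new `ast1 &&` guard at the head of the condition in the `start_sync` hunk has no comment saying why `st1->priv_data` can be NULL, and the existing comment ("workaround for broken small-file-bug402.avi") describes only the original workaround. The thread gives the reason (the DV demuxer creates streams in dv_extract_audio_info() without an AVIStream), so a one-line comment to that effect next to the check, or a sentence in the commit message beyond "null pointer dereference", would keep the guard from looking redundant later. The reply also notes that neither dv nor avi set AVFMTCTX_NOHEADER, so adding streams later is an API violation; the check handles the crash at this one dereference while that underlying condition stays open, which is worth recording in the commit message as well.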