On Fri, Apr 23, 2021 at 08:00:16PM +0200, Andreas Rheinhardt wrote: > Michael Niedermayer: > > Fixes: OOM > > Fixes: > > 27240/clusterfuzz-testcase-minimized-ffmpeg_dem_ASF_O_fuzzer-5937469859823616 > > > > Found-by: continuous fuzzing process > > https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg > > Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> > > --- > > libavformat/asfdec_o.c | 6 +++++- > > 1 file changed, 5 insertions(+), 1 deletion(-) > > > > diff --git a/libavformat/asfdec_o.c b/libavformat/asfdec_o.c > > index 6cfcd8b088..d08a09c14d 100644 > > --- a/libavformat/asfdec_o.c > > +++ b/libavformat/asfdec_o.c > > @@ -600,8 +600,12 @@ static int parse_video_info(AVIOContext *pb, AVStream > > *st) > > memset(st->codecpar->extradata + st->codecpar->extradata_size , 0, > > AV_INPUT_BUFFER_PADDING_SIZE); > > if ((ret = avio_read(pb, st->codecpar->extradata, > > - st->codecpar->extradata_size)) < 0) > > + st->codecpar->extradata_size)) < 0) { > > + st->codecpar->extradata_size = 0; > > + av_freep(&st->codecpar->extradata); > > return ret; > > + } > > + st->codecpar->extradata_size = ret; > > } > > return 0; > > } > > > How important is it to preserve partially read extradata? If it is not > important, one could just use ff_get_extradata(); if it is important, > then memset should be performed after the read, so that the real padding > of the extradata is zeroed (it is uninitialized with your patch if the > desired size could not be read).
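Review bot: At `st->codecpar->extradata_size = ret;` a short read shrinks the recorded size, but the memset at the top of the hunk zeroes AV_INPUT_BUFFER_PADDING_SIZE bytes only past the originally requested size. The bytes from ret up to that original size, which become the padding of the shortened extradata, are never written in this hunk. Either move the memset after the avio_read() call and base its offset on ret, or treat a short read as an error and take the same cleanup path as the `< 0` branch. Separately, ret == 0 passes the `< 0` check and leaves a non-NULL extradata with extradata_size set to 0; freeing the buffer in that case as well would keep the two fields consistent.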
I guess it's not important to preserve, will apply with ff_get_extradata()

thanks

[...]
--
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

"I am not trying to be anyone's saviour, I'm trying to think about the future and not be sad" - Elon Musk
_______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".