Re: [FFmpeg-devel] [PATCH] avformat/mov: Check for duplicate clli

James Almer Mon, 13 Sep 2021 14:07:30 -0700

On 9/13/2021 6:04 PM, Michael Niedermayer wrote:

Fixes: memleak
Fixes: 
35261/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-4869656287510528


Found-by: continuous fuzzing process 
https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
---
  libavformat/mov.c | 3 +++
  1 file changed, 3 insertions(+)

diff --git a/libavformat/mov.c b/libavformat/mov.c
index c5583e07c79..343c0c0ee35 100644
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -5485,6 +5485,9 @@ static int mov_read_clli(MOVContext *c, AVIOContext *pb, 
MOVAtom atom)
          return AVERROR_INVALIDDATA;
      }

+ if (sc->coll)

+        return AVERROR_INVALIDDATA;

mov_read_coll() ignores any duplicate box, after emitting a warning.Maybe the same should be done here.

+
      sc->coll = av_content_light_metadata_alloc(&sc->coll_size);
      if (!sc->coll)
          return AVERROR(ENOMEM);


_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".

Re: [FFmpeg-devel] [PATCH] avformat/mov: Check for duplicate clli

Reply via email to