On Mon, Sep 13, 2021 at 06:07:17PM -0300, James Almer wrote: > On 9/13/2021 6:04 PM, Michael Niedermayer wrote: > > Fixes: memleak > > Fixes: > > 35261/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-4869656287510528 > > > > Found-by: continuous fuzzing process > > https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg > > Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> > > --- > > libavformat/mov.c | 3 +++ > > 1 file changed, 3 insertions(+) > > > > diff --git a/libavformat/mov.c b/libavformat/mov.c > > index c5583e07c79..343c0c0ee35 100644 > > --- a/libavformat/mov.c > > +++ b/libavformat/mov.c > > @@ -5485,6 +5485,9 @@ static int mov_read_clli(MOVContext *c, AVIOContext > > *pb, MOVAtom atom) > > return AVERROR_INVALIDDATA; > > } > > + if (sc->coll) > > + return AVERROR_INVALIDDATA; > > mov_read_coll() ignores any duplicate box, after emitting a warning. Maybe > the same should be done here.
will apply with that change [...] thx -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB Those who are best at talking, realize last or never when they are wrong.
signature.asc
Description: PGP signature
_______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
