On Sat, Sep 18, 2021 at 07:47:52PM +1000, Peter Ross wrote: > On Fri, Sep 17, 2021 at 09:56:16PM +0200, Michael Niedermayer wrote: > > Fixes: out of array access > > Fixes: > > 38603/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MSNSIREN_fuzzer-5741847809490944.fuzz > > > > Found-by: continuous fuzzing process > > https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg > > Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> > > --- > > libavcodec/siren.c | 4 ++++ > > 1 file changed, 4 insertions(+) > > > > diff --git a/libavcodec/siren.c b/libavcodec/siren.c > > index 2161b29a2cc..7f2b4678608 100644 > > --- a/libavcodec/siren.c > > +++ b/libavcodec/siren.c > > @@ -648,6 +648,10 @@ static int decode_vector(SirenContext *s, int > > number_of_regions, > > } > > coefs_ptr++; > > } > > + if (i >= FF_ARRAY_ELEMS(noise_category5)) { > > + error = 1; > > + break; > > + } > > > > noise = decoder_standard_deviation[region] * > > noise_category5[i]; > > } else > > this fixes the recent msnsiren commit. > please apply
will apply thx [...] -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB If you fake or manipulate statistics in a paper in physics you will never get a job again. If you fake or manipulate statistics in a paper in medicin you will get a job for life at the pharma industry.
signature.asc
Description: PGP signature
_______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
