On Tue, Nov 22, 2022 at 11:56:51PM +0100, Michael Niedermayer wrote: > Fixes: Timeout > Fixes: > 53438/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PICTOR_fuzzer-5458939919859712 > > Found-by: continuous fuzzing process > https://github.com/google/oss-fuzz/tree/master/projects/ffmpe > Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> > --- > libavcodec/pictordec.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/libavcodec/pictordec.c b/libavcodec/pictordec.c > index 71bad40a0a..09229b94fd 100644 > --- a/libavcodec/pictordec.c > +++ b/libavcodec/pictordec.c > @@ -162,6 +162,9 @@ static int decode_frame(AVCodecContext *avctx, AVFrame > *frame, > > if (av_image_check_size(s->width, s->height, 0, avctx) < 0) > return -1; > + if (bytestream2_get_bytes_left(&s->g) < s->width * s->height / 65536 * 5) > + return AVERROR_INVALIDDATA;
how did you arrive at this formula? -- Peter (A907 E02F A6E5 0CD2 34CD 20D2 6760 79C5 AC40 DD6B)
signature.asc
Description: PGP signature
_______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".