On Sun, Jan 15, 2023 at 01:44:09PM +1100, Peter Ross wrote: > On Fri, Jan 13, 2023 at 01:01:34AM +0100, Michael Niedermayer wrote: > > Fixes: out of array access > > Fixes: > > 48567/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WBMP_fuzzer-6652634692190208 > > Fixes: > > 48567/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WBMP_fuzzer-6653703453278208 > > Fixes: > > 48567/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WBMP_fuzzer-6668020758216704 > > Fixes: > > 48567/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WBMP_fuzzer-6684749875249152 > > > > Found-by: continuous fuzzing process > > https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg > > Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> > > --- > > libavcodec/wbmpdec.c | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/libavcodec/wbmpdec.c b/libavcodec/wbmpdec.c > > index 9638b55b94..8b105bc135 100644 > > --- a/libavcodec/wbmpdec.c > > +++ b/libavcodec/wbmpdec.c > > @@ -72,7 +72,7 @@ static int wbmp_decode_frame(AVCodecContext *avctx, > > AVFrame *p, > > if (p->linesize[0] == (width + 7) / 8) > > bytestream2_get_buffer(&gb, p->data[0], height * ((width + 7) / > > 8)); > > else > > - readbits(p->data[0], width, height, p->linesize[0], gb.buffer, > > gb.buffer_end - gb.buffer_start); > > + readbits(p->data[0], width, height, p->linesize[0], gb.buffer, > > gb.buffer_end - gb.buffer); > > > > p->key_frame = 1; > > p->pict_type = AV_PICTURE_TYPE_I; > > please apply.
will apply thx [...] -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB During times of universal deceit, telling the truth becomes a revolutionary act. -- George Orwell
signature.asc
Description: PGP signature
_______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
