target_dec_fuzzer: Use av_buffer_allocz() to avoid missing slices to have unpredictable content

James Almer Thu, 08 Aug 2024 10:13:25 -0700

On 8/6/2024 7:18 PM, Michael Niedermayer wrote:

Fixes: use of uninitialized values
Fixes: 
70885/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VP6F_fuzzer-4610946029387776
 (and likely others)


Found-by: continuous fuzzing process 
https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
---
  tools/target_dec_fuzzer.c | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tools/target_dec_fuzzer.c b/tools/target_dec_fuzzer.c
index d2d7e21dac7..794b5b92cc7 100644
--- a/tools/target_dec_fuzzer.c
+++ b/tools/target_dec_fuzzer.c
@@ -129,7 +129,7 @@ static int fuzz_video_get_buffer(AVCodecContext *ctx, 
AVFrame *frame)

frame->extended_data = frame->data;

      for (i = 0; i < 4 && size[i]; i++) {
-        frame->buf[i] = av_buffer_alloc(size[i]);
+        frame->buf[i] = av_buffer_allocz(size[i]);
          if (!frame->buf[i])
              goto fail;
          frame->data[i] = frame->buf[i]->data;


Wouldn't this hide actual decoder bugs too?

_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".

Re: [FFmpeg-devel] [PATCH 5/6] tools/target_dec_fuzzer: Use av_buffer_allocz() to avoid missing slices to have unpredictable content

Reply via email to