On 27.10.2016 22:14, Michael Niedermayer wrote: > On Wed, Oct 26, 2016 at 01:59:59AM +0200, Andreas Cadhalpun wrote: >> Note that the added asserts are triggered by *many* of my fuzzed samples. >> I'm happy to write patches for these cases, if we achieve agreement >> that the central check alone is insufficient.
Have you seen this comment? >> utils.c | 82 >> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-- >> 1 file changed, 80 insertions(+), 2 deletions(-) >> 40a8bafecb6d289a4220a27ac411fbcac3204952 >> 0001-avcodec-validate-codec-parameters.patch >> From f371be7a027da3958e221b4dc88ad558c1489107 Mon Sep 17 00:00:00 2001 >> From: Andreas Cadhalpun <andreas.cadhal...@googlemail.com> >> Date: Tue, 25 Oct 2016 01:45:27 +0200 >> Subject: [PATCH] avcodec: validate codec parameters >> >> This should reduce the impact of a broken demuxer (or API user) setting bogus >> codec parameters. >> >> The av_assert2 calls should ease detecting broken demuxers. > > have you tried a fuzzer ? > these assertions fail on fuzzed files > > Assertion 0 failed at libavcodec/utils.c:4157 > Aborted > Assertion !((unsigned)par->color_primaries > AVCOL_PRI_NB) failed at > libavcodec/utils.c:4161 As noted above, I'm well aware of that. This just shows how many demuxers currently set bogus values... Best regards, Andreas _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
