[FFmpeg-devel] [PATCH 2/2] avcodec/vp56: Require not any undamaged frame for concealment but one of comparable size

Wed, 08 Mar 2017 19:08:11 -0800 

Fixes: timeout in 758/clusterfuzz-testcase-4720832028868608

Found-by: continuous fuzzing process 
https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <[email protected]>
---
 libavcodec/vp56.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/libavcodec/vp56.c b/libavcodec/vp56.c
index 0010408847..bccb424903 100644
--- a/libavcodec/vp56.c
+++ b/libavcodec/vp56.c
@@ -710,7 +710,7 @@ static int ff_vp56_decode_mbs(AVCodecContext *avctx, void 
*data,
                 int ret = vp56_decode_mb(s, mb_row, mb_col, is_alpha);
                 if (ret < 0) {
                     damaged = 1;
-                    if (!s->have_undamaged_frame) {
+                    if (s->have_undamaged_frame < s->mb_width * s->mb_height) {
                         s->discard_frame = 1;
                         return AVERROR_INVALIDDATA;
                     }
@@ -732,7 +732,7 @@ static int ff_vp56_decode_mbs(AVCodecContext *avctx, void 
*data,
     }
 
     if (!damaged)
-        s->have_undamaged_frame = 1;
+        s->have_undamaged_frame = s->mb_width * s->mb_height;
 
 next:
     if (p->key_frame || s->golden_frame) {
-- 
2.11.0

_______________________________________________
ffmpeg-devel mailing list
[email protected]
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

Reply via email to