On 8/5/18, Michael Niedermayer <mich...@niedermayer.cc> wrote: > On Sun, Aug 05, 2018 at 10:08:31AM +0200, Paul B Mahol wrote: >> On 8/5/18, Michael Niedermayer <mich...@niedermayer.cc> wrote: >> > Fixes: Timeout >> > Fixes: >> > 9342/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SCPR_fuzzer-4795990841229312 >> > >> > Found-by: continuous fuzzing process >> > https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg >> > Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> >> > --- >> > libavcodec/scpr.c | 3 +++ >> > 1 file changed, 3 insertions(+) >> > >> > diff --git a/libavcodec/scpr.c b/libavcodec/scpr.c >> > index 72f59d5917..d1e47b09ac 100644 >> > --- a/libavcodec/scpr.c >> > +++ b/libavcodec/scpr.c >> > @@ -525,6 +525,9 @@ static int decompress_p(AVCodecContext *avctx, >> > if (ret < 0) >> > return ret; >> > >> > + if (min > max) >> > + return AVERROR_INVALIDDATA; >> > + >> >> Shouldn't this check be actually bellow? > > yes, fixed, locally > > >> You sure this does not break valid files? > > i found no file that it breaks, beyond this, no iam not sure. > It mostly based on logic thinking that these would not be ordered the > other way, as that seems not usefull > > Is there some specification or more files i can test ?
It should be fine. _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
