Fixes: out of array access Fixes: 15522/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DNXHD_fuzzer-5747756078989312
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> --- libavcodec/parser.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/libavcodec/parser.c b/libavcodec/parser.c index 0a994a3f30..3e19810a94 100644 --- a/libavcodec/parser.c +++ b/libavcodec/parser.c @@ -245,6 +245,9 @@ int ff_combine_frame(ParseContext *pc, int next, for (; pc->overread > 0; pc->overread--) pc->buffer[pc->index++] = pc->buffer[pc->overread_index++]; + if (next > *buf_size) + return AVERROR(EINVAL); + /* flush remaining if EOF */ if (!*buf_size && next == END_NOT_FOUND) next = 0; -- 2.22.0 _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
