Fixes: Leaks Fixes: 15349/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SANM_fuzzer-5102530557640704
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> --- libavcodec/sanm.c | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/libavcodec/sanm.c b/libavcodec/sanm.c index 25aee7220f..60e2f4c624 100644 --- a/libavcodec/sanm.c +++ b/libavcodec/sanm.c @@ -491,6 +491,10 @@ static av_cold int decode_init(AVCodecContext *avctx) ctx->avctx = avctx; ctx->version = !avctx->extradata_size; + if (!ctx->version && avctx->extradata_size < 1026) { + av_log(avctx, AV_LOG_ERROR, "Not enough extradata.\n"); + return AVERROR_INVALIDDATA; + } avctx->pix_fmt = ctx->version ? AV_PIX_FMT_RGB565 : AV_PIX_FMT_PAL8; @@ -506,11 +510,6 @@ static av_cold int decode_init(AVCodecContext *avctx) if (!ctx->version) { int i; - if (avctx->extradata_size < 1026) { - av_log(avctx, AV_LOG_ERROR, "Not enough extradata.\n"); - return AVERROR_INVALIDDATA; - } - ctx->subversion = AV_RL16(avctx->extradata); for (i = 0; i < PALETTE_SIZE; i++) ctx->pal[i] = 0xFFU << 24 | AV_RL32(avctx->extradata + 2 + i * 4); -- 2.22.0 _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
