On Sat, Oct 05, 2019 at 08:01:31PM -0300, James Almer wrote: > On 10/5/2019 6:41 PM, Michael Niedermayer wrote: > > Fixes: Timeout (17sec ->281ms) > > Fixes: > > 17833/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_H264_fuzzer-5638346914660352 > > > > Found-by: continuous fuzzing process > > https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg > > Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> > > --- > > libavcodec/h2645_parse.c | 6 +++++- > > libavcodec/h2645_parse.h | 1 + > > 2 files changed, 6 insertions(+), 1 deletion(-) > > > > diff --git a/libavcodec/h2645_parse.c b/libavcodec/h2645_parse.c > > index ef6a6b4b4f..34c731430f 100644 > > --- a/libavcodec/h2645_parse.c > > +++ b/libavcodec/h2645_parse.c > > @@ -455,8 +455,12 @@ int ff_h2645_packet_split(H2645Packet *pkt, const > > uint8_t *buf, int length, > > > > if (pkt->nals_allocated < pkt->nb_nals + 1) { > > int new_size = pkt->nals_allocated + 1; > > - void *tmp = av_realloc_array(pkt->nals, new_size, > > sizeof(*pkt->nals)); > > + void *tmp; > > > > + if (new_size >= INT_MAX / sizeof(*pkt->nals)) > > + return AVERROR(ENOMEM); > > + > > + tmp = av_fast_realloc(pkt->nals, &pkt->nals_byte_allocated, > > new_size * sizeof(*pkt->nals)); > > if (!tmp) > > return AVERROR(ENOMEM); > > > > diff --git a/libavcodec/h2645_parse.h b/libavcodec/h2645_parse.h > > index 2c29ca517c..0ac2b1bd9d 100644 > > --- a/libavcodec/h2645_parse.h > > +++ b/libavcodec/h2645_parse.h > > @@ -78,6 +78,7 @@ typedef struct H2645Packet { > > H2645RBSP rbsp; > > int nb_nals; > > int nals_allocated; > > + unsigned nals_byte_allocated; > > Maybe nal_buffer_size instead.
yeah i was also before posting this hesitating on the name > > LGTM either way. will change and apply it thx [...] -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB The educated differ from the uneducated as much as the living from the dead. -- Aristotle
signature.asc
Description: PGP signature
_______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
