On Thu, Feb 20, 2020 at 11:29:51PM +0100, Paul B Mahol wrote:
> On 2/20/20, Michael Niedermayer wrote:
> > On Thu, Feb 20, 2020 at 08:11:34PM +0100, Paul B Mahol wrote:
> >> Are you sure this is correct?
> >> Does asan report exactly an overread by 4?
> >
> > the next line passes diff_size - 8 as an unsigned data size
> > if diff_size is smaller than 8, diff_size - 8 is very big and
> > the overread checks which use that will
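The unsigned wrap Michael describes, as an added example that is not part of the thread and not ffmpeg's cdtoons code: the chunk layout, the run-length sprite format, render_sprite, decode_vulnerable and decode_fixed are all hypothetical, and the three input chunks are constructed for the example rather than taken from the fuzzer. It shows why a wrapped data_size defeats the renderer's own size checks (the real end of the buffer is reached instead) and where the check has to sit relative to the subtraction.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical model of the bug pattern discussed above; this is NOT
 * ffmpeg's libavcodec/cdtoons.c and the chunk layout is invented for the
 * example. A chunk starts with an 8-byte header whose first four bytes are
 * diff_size (little-endian, counting the header itself); the caller hands
 * diff_size - 8 to the sprite renderer as its byte budget. */

/* Sprite payload: runs of one length byte followed by that many pixel bytes;
 * a zero length byte terminates the sprite. */

/* Renderer that bounds its reads only by the budget it is given. Returns
 * pixel bytes consumed, or -1 at the first access at or past buf_len, i.e.
 * the read ASan would report (the read itself is modelled, not performed). */
static long render_sprite(const uint8_t *buf, size_t buf_len,
                          size_t start, unsigned budget)
{
    size_t pos = start;
    unsigned remaining = budget;
    long pixels = 0;

    for (;;) {
        if (remaining < 1)            /* budget check for the length byte */
            return pixels;
        if (pos >= buf_len)           /* real buffer end: out-of-array read */
            return -1;
        unsigned run = buf[pos++];
        remaining -= 1;
        if (run == 0)
            return pixels;
        if (remaining < run)          /* budget check for the run payload */
            return pixels;
        if (pos + run > buf_len)      /* real buffer end: out-of-array read */
            return -1;
        pos += run;
        remaining -= run;
        pixels += run;
    }
}

static unsigned read_le32(const uint8_t *p)
{
    return (unsigned)p[0] | ((unsigned)p[1] << 8) |
           ((unsigned)p[2] << 16) | ((unsigned)p[3] << 24);
}

/* Vulnerable caller: checks diff_size against the input, then subtracts 8
 * in unsigned arithmetic. For diff_size < 8 the budget wraps to ~4 GiB and
 * every budget check inside render_sprite passes. Returns -2 on reject. */
static long decode_vulnerable(const uint8_t *buf, size_t buf_len)
{
    if (buf_len < 8)
        return -2;
    unsigned diff_size = read_le32(buf);
    if (diff_size > buf_len)
        return -2;
    unsigned data_size = diff_size - 8;   /* wraps when diff_size < 8 */
    return render_sprite(buf, buf_len, 8, data_size);
}

/* Hardened caller: reject diff_size < 8 before the subtraction, so data_size
 * is always a genuine payload length bounded by the input. */
static long decode_fixed(const uint8_t *buf, size_t buf_len)
{
    if (buf_len < 8)
        return -2;
    unsigned diff_size = read_le32(buf);
    if (diff_size < 8 || diff_size > buf_len)
        return -2;
    unsigned data_size = diff_size - 8;
    return render_sprite(buf, buf_len, 8, data_size);
}

/* Constructed inputs for the example (not fuzzer output). */
/* diff_size = 4: passes the diff_size <= buf_len check, then wraps. */
static const uint8_t chunk_short_diff[] = {
    0x04, 0x00, 0x00, 0x00,  0x00, 0x00, 0x00, 0x00,  0x05, 0xAA };
/* diff_size = 13: well-formed 3-pixel run followed by a terminator. */
static const uint8_t chunk_good[] = {
    0x0D, 0x00, 0x00, 0x00,  0x00, 0x00, 0x00, 0x00,  0x03, 0x11, 0x22, 0x33, 0x00 };
/* diff_size = 10: a sane budget of 2 stops the renderer before the
 * truncated 5-byte run, so the buffer end is never reached. */
static const uint8_t chunk_truncated_run[] = {
    0x0A, 0x00, 0x00, 0x00,  0x00, 0x00, 0x00, 0x00,  0x05, 0xAA };

int main(void)
{
    printf("short diff_size: vulnerable=%ld fixed=%ld\n",
           decode_vulnerable(chunk_short_diff, sizeof chunk_short_diff),
           decode_fixed(chunk_short_diff, sizeof chunk_short_diff));
    printf("good chunk:      vulnerable=%ld fixed=%ld\n",
           decode_vulnerable(chunk_good, sizeof chunk_good),
           decode_fixed(chunk_good, sizeof chunk_good));
    printf("truncated run:   vulnerable=%ld fixed=%ld\n",
           decode_vulnerable(chunk_truncated_run, sizeof chunk_truncated_run),
           decode_fixed(chunk_truncated_run, sizeof chunk_truncated_run));
    return 0;
}
```

render_sprite reports the first out-of-bounds access instead of performing it, so the program runs cleanly without ASan; the point of the third input is that the budget checks do their job whenever data_size is a real payload length, which is exactly what the diff_size < 8 check in front of the subtraction guarantees.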
Are you sure this is correct?
Does asan report exactly an overread by 4?
On 2/20/20, Michael Niedermayer wrote:
> Fixes: out of array read
> Fixes:
> 20742/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CDTOONS_fuzzer-5738148607033344
>
> Found-by: continuous fuzzing process
> https://github.com