OSDN Git Service

(root) / android-x86 / external-ffmpeg.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: e717fa1)
avcodec/cllc: Check num_bits
authorMichael Niedermayer <michael@niedermayer.cc>
Thu, 11 May 2017 16:39:33 +0000 (18:39 +0200)
committerMichael Niedermayer <michael@niedermayer.cc>
Thu, 11 May 2017 18:04:57 +0000 (20:04 +0200)
Fixes: runtime error: shift exponent -2 is negative
Fixes: 1479/clusterfuzz-testcase-minimized-6638493360979968

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
libavcodec/cllc.c patch | blob | history

diff --git a/libavcodec/cllc.c b/libavcodec/cllc.c
index b53e2c5..933144a 100644 (file)
--- a/libavcodec/cllc.c
+++ b/libavcodec/cllc.c
@@ -56,6 +56,13 @@ static int read_code_table(CLLCContext *ctx, GetBitContext *gb, VLC *vlc)
 
     num_lens = get_bits(gb, 5);
 
+    if (num_lens > VLC_BITS * VLC_DEPTH) {
+        vlc->table = NULL;
+
+        av_log(ctx->avctx, AV_LOG_ERROR, "To long VLCs %d\n", num_lens);
+        return AVERROR_INVALIDDATA;
+    }
+
     for (i = 0; i < num_lens; i++) {
         num_codes      = get_bits(gb, 9);
         num_codes_sum += num_codes;
external/ffmpeg
About OSDN
Find Software
Develop Software
Help