falkTX
/
FFmpeg
mirror of https://github.com/falkTX/FFmpeg.git
1
0
Fork 0
Code Issues 0 Releases 338 Wiki Activity
Browse Source

avcodec/atrac9dec: Check grad_range[1] more tightly 

Alternatively the array could be made bigger but the extra values
would not be read without other changes.

Fixes: Out of array access
Fixes: 15658/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ATRAC9_fuzzer-5738260074070016

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Lynne <dev@lynne.ee>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 208225bd78)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
tags/n4.2
Michael Niedermayer 6 years ago
parent
fc6f02b297
commit
99ecd0cfc9
1 changed files with 1 additions and 1 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +1
    -1
      libavcodec/atrac9dec.c

+ 1
- 1
libavcodec/atrac9dec.c View File

@@ -121,7 +121,7 @@ static inline int parse_gradient(ATRAC9Context *s, ATRAC9BlockData *b,
}
b->grad_boundary = get_bits(gb, 4);

if (grad_range[0] >= grad_range[1] || grad_range[1] > 47)
if (grad_range[0] >= grad_range[1] || grad_range[1] > 31)
return AVERROR_INVALIDDATA;

if (grad_value[0] > 31 || grad_value[1] > 31)


Write Preview
Loading…
Cancel
Save