avformat/vividas: Check for zero v_size

Fixes: SEGV on unknown address 0x000000000000
Fixes: 26482/clusterfuzz-testcase-minimized-ffmpeg_dem_VIVIDAS_fuzzer-4905102324006912

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
tags/n4.4
Michael Niedermayer 4 years ago
parent
commit
c7a5face77
1 changed files with 2 additions and 2 deletions
libavformat/vividas.c

@@ -679,7 +679,7 @@ static int viv_read_packet(AVFormatContext *s,
return AVERROR_INVALIDDATA;

ffio_read_varlen(pb);
if (v_size > INT_MAX)
if (v_size > INT_MAX || !v_size)
return AVERROR_INVALIDDATA;
ret = av_get_packet(pb, pkt, v_size);
if (ret < 0)
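
Review bot: The `!v_size` test added in front of `av_get_packet(pb, pkt, v_size)` carries no comment, and the commit message names only the symptom (SEGV at address 0), so a reader cannot tell which later access a zero-length packet breaks. Suggest a one-line comment on the check saying why an empty packet is treated as AVERROR_INVALIDDATA in this demuxer, so the condition is not relaxed later as an apparently harmless edge case. It would also help to note next to the bare `ffio_read_varlen(pb);` above the check that its result is intentionally skipped, since the `v_size` being validated is not the value read on that line.
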
@@ -708,7 +708,7 @@ static int viv_read_packet(AVFormatContext *s,
} else {
uint64_t v_size = ffio_read_varlen(pb);

if (v_size > INT_MAX)
if (v_size > INT_MAX || !v_size)
return AVERROR_INVALIDDATA;
ret = av_get_packet(pb, pkt, v_size);
if (ret < 0)
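
Review bot: The else branch now repeats the identical `v_size > INT_MAX || !v_size` condition from the earlier branch of viv_read_packet, so the two copies can drift apart the next time one of them is fixed. Suggest moving the range check and the `av_get_packet(pb, pkt, v_size)` call into one small static helper that takes the `uint64_t` size, returns AVERROR_INVALIDDATA for 0 or anything above INT_MAX, and is called from both places. That also keeps the narrowing from `uint64_t` to the size passed to av_get_packet guarded in a single spot.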

