[FFmpeg-cvslog] avformat/mvdec: Check for EOF in read_index()
Michael Niedermayer
git at videolan.org
Sat Feb 20 22:10:42 EET 2021
ffmpeg | branch: release/4.3 | Michael Niedermayer <michael at niedermayer.cc> | Sun Jan 31 16:19:42 2021 +0100| [ff6a6b94174ecda019d6cbeb07cdce4891db38dd] | committer: Michael Niedermayer
avformat/mvdec: Check for EOF in read_index()
Fixes: Timeout
Fixes: 29550/clusterfuzz-testcase-minimized-ffmpeg_dem_MV_fuzzer-5094307193290752
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 6c64351bb1f4dc148069a37754b746fcd4c784cf)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=ff6a6b94174ecda019d6cbeb07cdce4891db38dd
---
libavformat/mvdec.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/libavformat/mvdec.c b/libavformat/mvdec.c
index 37e16870e7..7d59d82b13 100644
--- a/libavformat/mvdec.c
+++ b/libavformat/mvdec.c
@@ -269,6 +269,8 @@ static void read_index(AVIOContext *pb, AVStream *st)
uint32_t pos = avio_rb32(pb);
uint32_t size = avio_rb32(pb);
avio_skip(pb, 8);
+ if (avio_feof(pb))
+ return ;
av_add_index_entry(st, pos, timestamp, size, 0, AVINDEX_KEYFRAME);
if (st->codecpar->codec_type == AVMEDIA_TYPE_AUDIO) {
timestamp += size / (st->codecpar->channels * 2LL);
More information about the ffmpeg-cvslog
mailing list