[FFmpeg-devel] [PATCH 1/7] avcodec/vc1: Check for excessive resolution

Jean-Baptiste Kempf jb at videolan.org
Mon Aug 19 09:17:02 EEST 2019 

You need to explain why. A "NAK" is not enough.

16k pixels x 16k is a large size already for vc1.

On Sun, Aug 18, 2019, at 12:45, Paul B Mahol wrote:
> NAK
> 
> On Thu, Aug 15, 2019 at 11:51 PM Michael Niedermayer <michael at niedermayer.cc>
> wrote:
> 
> > Fixes: overflow in aspect ratio calculation
> > Fixes: signed integer overflow: 393215 * 14594 cannot be represented in
> > type 'int'
> > Fixes:
> > 15728/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMV3IMAGE_fuzzer-5661588893204480
> >
> > Found-by: continuous fuzzing process
> > https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> > Signed-off-by
> > <https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by>:
> > Michael Niedermayer <michael at niedermayer.cc>
> > ---
> >  libavcodec/vc1dec.c | 5 +++++
> >  1 file changed, 5 insertions(+)
> >
> > diff --git a/libavcodec/vc1dec.c b/libavcodec/vc1dec.c
> > index 9519864c55..2636ea701f 100644
> > --- a/libavcodec/vc1dec.c
> > +++ b/libavcodec/vc1dec.c
> > @@ -426,6 +426,11 @@ static av_cold int vc1_decode_init(AVCodecContext
> > *avctx)
> >      GetBitContext gb;
> >      int ret;
> >
> > +    if (avctx->width > 1 << 14 || avctx->height > 1 << 14) {
> > +        avpriv_request_sample(avctx, "Huge resolution");
> > +        return AVERROR_PATCHWELCOME;
> > +    }
> > +
> >      /* save the container output size for WMImage */
> >      v->output_width  = avctx->width;
> >      v->output_height = avctx->height;
> > --
> > 2.22.1
> >
> > _______________________________________________
> > ffmpeg-devel mailing list
> > ffmpeg-devel at ffmpeg.org
> > https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
> >
> > To unsubscribe, visit link above, or email
> > ffmpeg-devel-request at ffmpeg.org with subject "unsubscribe".
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel at ffmpeg.org
> https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
> 
> To unsubscribe, visit link above, or email
> ffmpeg-devel-request at ffmpeg.org with subject "unsubscribe".

-- 
Jean-Baptiste Kempf -  President
+33 672 704 734

More information about the ffmpeg-devel mailing list