[FFmpeg-devel] [PATCH 1/7] avcodec/vc1: Check for excessive resolution

Paul B Mahol onemda at gmail.com
Mon Aug 19 10:45:26 EEST 2019 

On Mon, Aug 19, 2019 at 8:17 AM Jean-Baptiste Kempf <jb at videolan.org> wrote:

> You need to explain why. A "NAK" is not enough.
>
> 16k pixels x 16k is a large size already for vc1.
>

And for any other codecs....


>
> On Sun, Aug 18, 2019, at 12:45, Paul B Mahol wrote:
> > NAK
> >
> > On Thu, Aug 15, 2019 at 11:51 PM Michael Niedermayer
> <michael at niedermayer.cc>
> > wrote:
> >
> > > Fixes: overflow in aspect ratio calculation
> > > Fixes: signed integer overflow: 393215 * 14594 cannot be represented in
> > > type 'int'
> > > Fixes:
> > >
> 15728/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMV3IMAGE_fuzzer-5661588893204480
> > >
> > > Found-by: continuous fuzzing process
> > > https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> > > Signed-off-by
> > > <
> https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by
> >:
> > > Michael Niedermayer <michael at niedermayer.cc>
> > > ---
> > >  libavcodec/vc1dec.c | 5 +++++
> > >  1 file changed, 5 insertions(+)
> > >
> > > diff --git a/libavcodec/vc1dec.c b/libavcodec/vc1dec.c
> > > index 9519864c55..2636ea701f 100644
> > > --- a/libavcodec/vc1dec.c
> > > +++ b/libavcodec/vc1dec.c
> > > @@ -426,6 +426,11 @@ static av_cold int vc1_decode_init(AVCodecContext
> > > *avctx)
> > >      GetBitContext gb;
> > >      int ret;
> > >
> > > +    if (avctx->width > 1 << 14 || avctx->height > 1 << 14) {
> > > +        avpriv_request_sample(avctx, "Huge resolution");
> > > +        return AVERROR_PATCHWELCOME;
> > > +    }
> > > +
> > >      /* save the container output size for WMImage */
> > >      v->output_width  = avctx->width;
> > >      v->output_height = avctx->height;
> > > --
> > > 2.22.1
> > >
> > > _______________________________________________
> > > ffmpeg-devel mailing list
> > > ffmpeg-devel at ffmpeg.org
> > > https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
> > >
> > > To unsubscribe, visit link above, or email
> > > ffmpeg-devel-request at ffmpeg.org with subject "unsubscribe".
> > _______________________________________________
> > ffmpeg-devel mailing list
> > ffmpeg-devel at ffmpeg.org
> > https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
> >
> > To unsubscribe, visit link above, or email
> > ffmpeg-devel-request at ffmpeg.org with subject "unsubscribe".
>
> --
> Jean-Baptiste Kempf -  President
> +33 672 704 734
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel at ffmpeg.org
> https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>
> To unsubscribe, visit link above, or email
> ffmpeg-devel-request at ffmpeg.org with subject "unsubscribe".

More information about the ffmpeg-devel mailing list