[FFmpeg-devel] [PATCH 4/5] avcodec/atrac3: Check for huge block aligns
Michael Niedermayer
michael at niedermayer.cc
Wed Nov 20 16:10:02 EET 2019
On Sat, Nov 02, 2019 at 05:06:00PM +0100, Michael Niedermayer wrote:
> The largest documented frame size = block align is 1024 bytes
> (https://wiki.multimedia.cx/index.php/ATRAC3)
>
> Without a limit this can allocate arbitrary memory and trigger OOM
> Fixes: OOM
> Fixes: 18337/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ATRAC3_fuzzer-5763861478637568
> Fixes: 18556/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ATRAC3AL_fuzzer-5646183334936576
>
> Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> ---
> libavcodec/atrac3.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
will apply
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
Any man who breaks a law that conscience tells him is unjust and willingly
accepts the penalty by staying in jail in order to arouse the conscience of
the community on the injustice of the law is at that moment expressing the
very highest respect for law. - Martin Luther King Jr