[FFmpeg-devel] [PATCH 3/6] avcodec/tiff: Check strip values when they will be used
Michael Niedermayer
michael at niedermayer.cc
Sun Dec 27 19:49:35 EET 2020
Regression since: da5b3d002862d1e105002a6dc1567e6551860896
Fixes: Assertion buf_size >= 0 failed at libavcodec/bytestream.h:151
Fixes: 28599/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TIFF_fuzzer-5362335027953664
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
---
libavcodec/tiff.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavcodec/tiff.c b/libavcodec/tiff.c
index fa1f44ce1d..d1ca45409a 100644
--- a/libavcodec/tiff.c
+++ b/libavcodec/tiff.c
@@ -1930,7 +1930,7 @@ again:
if ((ret = init_image(s, &frame)) < 0)
return ret;
- if (!s->is_tiled) {
+ if (has_strip_bits) {
if (s->strips == 1 && !s->stripsize) {
av_log(avctx, AV_LOG_WARNING, "Image data size missing\n");
s->stripsize = avpkt->size - s->stripoff;
--
2.17.1
More information about the ffmpeg-devel
mailing list