[FFmpeg-devel] [PATCH 3/3] avcodec/wavpack: Do not allow the sample format to change between channels

Michael Niedermayer michael at niedermayer.cc
Fri Jun 5 00:38:42 EEST 2020


On Thu, Jun 04, 2020 at 11:13:04AM -0700, David Bryant wrote:
> On 6/3/20 4:19 PM, Michael Niedermayer wrote:
> > Fixes: out of array access
> > Fixes: 22692/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WAVPACK_fuzzer-5678686190960640
> >
> > Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> > Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> > ---
> >  libavcodec/wavpack.c | 3 +++
> >  1 file changed, 3 insertions(+)
> >
> > diff --git a/libavcodec/wavpack.c b/libavcodec/wavpack.c
> > index ead57063c8..f77548e5a5 100644
> > --- a/libavcodec/wavpack.c
> > +++ b/libavcodec/wavpack.c
> > @@ -1129,6 +1129,9 @@ static int wavpack_decode_block(AVCodecContext *avctx, int block_no,
> >      else
> >          sample_fmt          = AV_SAMPLE_FMT_S32P;
> >  
> > +    if (wc->ch_offset && avctx->sample_fmt != sample_fmt)
> > +        return AVERROR_INVALIDDATA;
> > +
> >      bpp            = av_get_bytes_per_sample(sample_fmt);
> >      orig_bpp       = ((s->frame_flags & 0x03) + 1) << 3;
> >      multiblock     = (s->frame_flags & WV_SINGLE_BLOCK) != WV_SINGLE_BLOCK;
> 
> Looks reasonable to me and passes my local test suite. Thanks!

will apply

thx

[...]
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Any man who breaks a law that conscience tells him is unjust and willingly 
accepts the penalty by staying in jail in order to arouse the conscience of 
the community on the injustice of the law is at that moment expressing the 
very highest respect for law. - Martin Luther King Jr
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20200604/b1214d27/attachment.sig>


More information about the ffmpeg-devel mailing list