[FFmpeg-devel] [PATCH] avformat/argo_brp: bail if no video frames
Zane van Iperen
zane at zanevaniperen.com
Mon Nov 2 14:21:03 EET 2020
Fixes: Assertion failure
Fixes: 26572/clusterfuzz-testcase-minimized-ffmpeg_dem_ARGO_BRP_fuzzer-5166735591997440
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Zane van Iperen <zane at zanevaniperen.com>
---
libavformat/argo_brp.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/libavformat/argo_brp.c b/libavformat/argo_brp.c
index fdc552af14..766d4fd261 100644
--- a/libavformat/argo_brp.c
+++ b/libavformat/argo_brp.c
@@ -218,6 +218,9 @@ static int argo_brp_read_header(AVFormatContext *s)
bvid->height = AV_RL32(buf + 8);
bvid->depth = AV_RL32(buf + 12);
+ if (bvid->num_frames == 0)
+ return AVERROR_INVALIDDATA;
+
/* These are from 1990's games, sanity check this. */
if (bvid->width >= 65536 || bvid->height >= 65536 ||
bvid->depth > 24 || bvid->depth % 8 != 0) {
--
2.28.0
More information about the ffmpeg-devel
mailing list