[FFmpeg-devel] [PATCH 1/4] avcodec/jpegls: Check A[Q] for overflow in ff_jpegls_update_state_regular()
Michael Niedermayer
michael at niedermayer.cc
Wed Mar 3 11:49:01 EET 2021
Fixes: Timeout
Fixes: 30912/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MJPEG_fuzzer-5556235476795392
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
---
libavcodec/jpegls.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavcodec/jpegls.h b/libavcodec/jpegls.h
index 16372bd39d..aac67bbe31 100644
--- a/libavcodec/jpegls.h
+++ b/libavcodec/jpegls.h
@@ -95,7 +95,7 @@ static inline void ff_jpegls_downscale_state(JLSState *state, int Q)
static inline int ff_jpegls_update_state_regular(JLSState *state,
int Q, int err)
{
- if(FFABS(err) > 0xFFFF)
+ if(FFABS(err) > 0xFFFF || FFABS(err) > INT_MAX - state->A[Q])
return -0x10000;
state->A[Q] += FFABS(err);
err *= state->twonear;
--
2.17.1
More information about the ffmpeg-devel
mailing list