[FFmpeg-devel] [PATCH 6/9] avcodec/adpcm: Set vqa_version before use in init

Michael Niedermayer michael at niedermayer.cc
Thu May 13 15:19:24 EEST 2021


On Thu, May 13, 2021 at 11:14:13AM +1000, Zane van Iperen wrote:
> 
> 
> On 13/5/21 10:50 am, Andreas Rheinhardt wrote:
> > Michael Niedermayer:
> > > Fixes: null pointer dereference
> > > Fixes: 33172/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ADPCM_IMA_WS_fuzzer-5200164273913856
> > > 
> > > Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> > > Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> > > ---
> > >   libavcodec/adpcm.c | 2 ++
> > >   1 file changed, 2 insertions(+)
> > > 
> > > diff --git a/libavcodec/adpcm.c b/libavcodec/adpcm.c
> > > index be14607eac..2deefeb651 100644
> > > --- a/libavcodec/adpcm.c
> > > +++ b/libavcodec/adpcm.c
> > > @@ -191,6 +191,8 @@ static av_cold int adpcm_decode_init(AVCodecContext * avctx)
> > >           avctx->sample_fmt = AV_SAMPLE_FMT_S16P;
> > >           break;
> > >       case AV_CODEC_ID_ADPCM_IMA_WS:
> > > +        if (avctx->extradata && avctx->extradata_size >= 2)
> > > +            c->vqa_version = AV_RL16(avctx->extradata);
> > >           avctx->sample_fmt = c->vqa_version == 3 ? AV_SAMPLE_FMT_S16P :
> > >                                                     AV_SAMPLE_FMT_S16;
> > >           break;
> > > 
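Review bot: In the AV_CODEC_ID_ADPCM_IMA_WS case, when extradata is absent or shorter than 2 bytes the new guard is skipped and c->vqa_version keeps whatever value it had on entry, so the sample_fmt ternary depends on that earlier value with nothing in the hunk stating the intended default. An explicit else branch or a short comment naming the fallback version would make that path deliberate. The commit message also names a null pointer dereference without saying which pointer is involved or how selecting sample_fmt from vqa_version at this point prevents it; one sentence on that would make the fix easier to review and to compare against other changes to this init path.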
> > I think this was unnecessary, as it has already been fixed in
> > ff946633a30e15415974c3f0ec7751c04eb91701.
> 
> Yep, this was fixed by ff946633a30e15415974c3f0ec7751c04eb91701, and added to FATE in ab38a48c485d2167e1b53eb5fb684862cf35d47c.
> Shall I send a revert?

No need to, I missed this, I'll revert

thanks

[...]
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Many things microsoft did are stupid, but not doing something just because
microsoft did it is even more stupid. If everything ms did were stupid they
would be bankrupt already.