[FFmpeg-devel] [PATCH 4/5] avformat/mxfdec: Check index_edit_rate
Marton Balint
cus at passwd.hu
Mon Apr 8 22:46:38 EEST 2024
On Mon, 8 Apr 2024, Tomas Härdin wrote:
> tor 2024-04-04 klockan 00:51 +0200 skrev Michael Niedermayer:
>> Fixes: Assertion b >=0 failed at libavutil/mathematics.c:62
>> Fixes: 67811/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-
>> 5108429687422976
>>
>> Found-by: continuous fuzzing process
>> https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
>> Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
>> ---
>> libavformat/mxfdec.c | 3 +++
>> 1 file changed, 3 insertions(+)
>>
>> diff --git a/libavformat/mxfdec.c b/libavformat/mxfdec.c
>> index 04de4c1d5e3..233d614f783 100644
>> --- a/libavformat/mxfdec.c
>> +++ b/libavformat/mxfdec.c
>> @@ -1264,6 +1264,9 @@ static int mxf_read_index_table_segment(void
>> *arg, AVIOContext *pb, int tag, int
>> case 0x3F0B:
>> segment->index_edit_rate.num = avio_rb32(pb);
>> segment->index_edit_rate.den = avio_rb32(pb);
>> + if (segment->index_edit_rate.num <= 0 ||
>> + segment->index_edit_rate.den <= 0)
>> + return AVERROR_INVALIDDATA;
>
> mxf_compute_index_tables() has a check for index_edit_rate that you
> probably want to remove as well. It was introduced in c6fff3d, but the
> files it supposedly fixes aren't in FATE. We shouldn't encourage broken
> muxers.
I don't quite get what FATE has to do with it. And the samples mentioned
in the patch has valid index segment edit rates, only they are different
from the track edit rate, and the patch was intended to fix that case.
Regards,
Marton
More information about the ffmpeg-devel
mailing list