[FFmpeg-devel] [PATCH 4/5] avformat/mxfdec: Check index_edit_rate
Tomas Härdin
git at haerdin.se
Tue Apr 9 22:21:03 EEST 2024
mån 2024-04-08 klockan 21:46 +0200 skrev Marton Balint:
>
>
> On Mon, 8 Apr 2024, Tomas Härdin wrote:
>
> > tor 2024-04-04 klockan 00:51 +0200 skrev Michael Niedermayer:
> > > Fixes: Assertion b >=0 failed at libavutil/mathematics.c:62
> > > Fixes: 67811/clusterfuzz-testcase-minimized-
> > > ffmpeg_dem_MXF_fuzzer-
> > > 5108429687422976
> > >
> > > Found-by: continuous fuzzing process
> > > https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> > > Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> > > ---
> > > libavformat/mxfdec.c | 3 +++
> > > 1 file changed, 3 insertions(+)
> > >
> > > diff --git a/libavformat/mxfdec.c b/libavformat/mxfdec.c
> > > index 04de4c1d5e3..233d614f783 100644
> > > --- a/libavformat/mxfdec.c
> > > +++ b/libavformat/mxfdec.c
> > > @@ -1264,6 +1264,9 @@ static int
> > > mxf_read_index_table_segment(void
> > > *arg, AVIOContext *pb, int tag, int
> > > case 0x3F0B:
> > > segment->index_edit_rate.num = avio_rb32(pb);
> > > segment->index_edit_rate.den = avio_rb32(pb);
> > > + if (segment->index_edit_rate.num <= 0 ||
> > > + segment->index_edit_rate.den <= 0)
> > > + return AVERROR_INVALIDDATA;
> >
> > mxf_compute_index_tables() has a check for index_edit_rate that you
> > probably want to remove as well. It was introduced in c6fff3d, but
> > the
> > files it supposedly fixes aren't in FATE. We shouldn't encourage
> > broken
> > muxers.
>
> I don't quite get what FATE has to do with it. And the samples
> mentioned
> in the patch has valid index segment edit rates, only they are
> different
> from the track edit rate, and the patch was intended to fix that
> case.
Then why does it check against 0/0?
/Tomas
More information about the ffmpeg-devel
mailing list