[FFmpeg-devel] [PATCH 2/3] avformat/tty: Fix division by 0 in probe
Paul B Mahol
onemda at gmail.com
Thu Feb 6 16:27:11 EET 2020
Nonsense, why would this code be called with 0 buffer?
On 2/6/20, Michael Niedermayer <michael at niedermayer.cc> wrote:
> Fixes: division by zero
> Fixes:
> 20436/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5763229752229888
>
> Found-by: continuous fuzzing process
> https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> ---
> libavformat/tty.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/libavformat/tty.c b/libavformat/tty.c
> index 60f7e9f87e..854a23c500 100644
> --- a/libavformat/tty.c
> +++ b/libavformat/tty.c
> @@ -53,6 +53,9 @@ static int read_probe(const AVProbeData *p)
> {
> int cnt = 0;
>
> + if (!p->buf_size)
> + return 0;
> +
> for (int i = 0; i < p->buf_size; i++)
> cnt += !!isansicode(p->buf[i]);
>
> --
> 2.17.1
>
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel at ffmpeg.org
> https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>
> To unsubscribe, visit link above, or email
> ffmpeg-devel-request at ffmpeg.org with subject "unsubscribe".
More information about the ffmpeg-devel
mailing list