[FFmpeg-devel] [PATCH] avformat/electronicarts: Check if there are any streams

Michael Niedermayer michael at niedermayer.cc
Mon Sep 7 01:57:04 EEST 2020


Fixes: Assertion failure (invalid stream index)
Fixes: 25120/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-6565251898933248

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
---
 libavformat/electronicarts.c | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/libavformat/electronicarts.c b/libavformat/electronicarts.c
index 2ee5e1b6fa..6976a133c3 100644
--- a/libavformat/electronicarts.c
+++ b/libavformat/electronicarts.c
@@ -530,20 +530,17 @@ static int ea_read_header(AVFormatContext *s)
         if (ea->num_channels <= 0 || ea->num_channels > 2) {
             av_log(s, AV_LOG_WARNING,
                    "Unsupported number of channels: %d\n", ea->num_channels);
-            ea->audio_codec = 0;
-            return 1;
+            goto no_audio;
         }
         if (ea->sample_rate <= 0) {
             av_log(s, AV_LOG_ERROR,
                    "Unsupported sample rate: %d\n", ea->sample_rate);
-            ea->audio_codec = 0;
-            return 1;
+            goto no_audio;
         }
         if (ea->bytes <= 0 || ea->bytes > 2) {
             av_log(s, AV_LOG_ERROR,
                    "Invalid number of bytes per sample: %d\n", ea->bytes);
-            ea->audio_codec = AV_CODEC_ID_NONE;
-            return 1;
+            goto no_audio;
         }
 
         /* initialize the audio decoder stream */
@@ -564,8 +561,13 @@ static int ea_read_header(AVFormatContext *s)
                                               st->codecpar->bits_per_coded_sample;
         ea->audio_stream_index           = st->index;
         st->start_time                   = 0;
+        return 1;
     }
+no_audio:
+    ea->audio_codec = AV_CODEC_ID_NONE;
 
+    if (!ea->video.codec)
+        return AVERROR_INVALIDDATA;
     return 1;
 }
 
-- 
2.17.1



More information about the ffmpeg-devel mailing list