On Mon, Jun 15, 2020 at 12:10:14AM +0200, Michael Niedermayer wrote:
> Fixes: assertion failure
> Fixes:
> 23422/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TIFF_fuzzer-5746026064642048
>
> Found-by: continuous fuzzing process
> https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> Signed-off-by: Michael Niedermayer <[email protected]>
> ---
> libavcodec/tiff.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/libavcodec/tiff.c b/libavcodec/tiff.c
> index 010943c38c..26a936074f 100644
> --- a/libavcodec/tiff.c
> +++ b/libavcodec/tiff.c
> @@ -679,6 +679,10 @@ static int tiff_unpack_strip(TiffContext *s, AVFrame *p,
> uint8_t *dst, int strid
> return 0;
> }
>
> + if (is_dng && stride == 0)
> + return AVERROR_INVALIDDATA;
> +
> +
why add two blank line here?
> for (line = 0; line < lines; line++) {
> if (src - ssrc > size) {
> av_log(s->avctx, AV_LOG_ERROR, "Source data overread\n");
> --
> 2.17.1
>
> _______________________________________________
> ffmpeg-devel mailing list
> [email protected]
> https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>
> To unsubscribe, visit link above, or email
> [email protected] with subject "unsubscribe".
--
Thanks,
Limin Wang
_______________________________________________
ffmpeg-devel mailing list
[email protected]
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
[email protected] with subject "unsubscribe".
