Michael Niedermayer: > Fixes: CID1454676 Out-of-bounds read > > Sponsored-by: Sovereign Tech Fund > Signed-off-by: Michael Niedermayer <[email protected]> > --- > libavcodec/flac_parser.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/libavcodec/flac_parser.c b/libavcodec/flac_parser.c > index 47904d515a6..d9c47801f83 100644 > --- a/libavcodec/flac_parser.c > +++ b/libavcodec/flac_parser.c > @@ -518,6 +518,8 @@ static int check_header_mismatch(FLACParseContext *fpc, > for (i = 0; i < FLAC_MAX_SEQUENTIAL_HEADERS && curr != child; i++) > curr = curr->next; > > + av_assert0(i < FLAC_MAX_SEQUENTIAL_HEADERS); > + > if (header->link_penalty[i] < FLAC_HEADER_CRC_FAIL_PENALTY || > header->link_penalty[i] == FLAC_HEADER_NOT_PENALIZED_YET) { > FLACHeaderMarker *start, *end;
If this is only supposed to mark an issue as invalid for the sanitizer, why are you adding an av_assert0 instead of av_assert1 here (and in other patches)? - Andreas _______________________________________________ ffmpeg-devel mailing list [email protected] https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email [email protected] with subject "unsubscribe".
