PR #21742 opened by michaelni URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/21742 Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/21742.patch
Fixes: passing zero to __builtin_clz(), which is not a valid argument Fixes: 471569982/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PRORES_RAW_DEC_fuzzer-5832576221904896 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <[email protected]> >From 40fb893468b8bf2076f3687714f7586eb4ae77c1 Mon Sep 17 00:00:00 2001 From: Michael Niedermayer <[email protected]> Date: Fri, 13 Feb 2026 00:06:26 +0100 Subject: [PATCH] avcodec/prores_raw: Tiles of width less than 16 result in undefined behavior Fixes: passing zero to __builtin_clz(), which is not a valid argument Fixes: 471569982/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PRORES_RAW_DEC_fuzzer-5832576221904896 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <[email protected]> --- libavcodec/prores_raw.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/libavcodec/prores_raw.c b/libavcodec/prores_raw.c index eb1a9af14f..d852d40d64 100644 --- a/libavcodec/prores_raw.c +++ b/libavcodec/prores_raw.c @@ -251,6 +251,8 @@ static int decode_tile(AVCodecContext *avctx, TileContext *tile, if (tile->x >= avctx->width) return 0; + if (avctx->width - tile->x < 16) + return AVERROR_PATCHWELCOME; /* Tile header */ int header_len = bytestream2_get_byteu(gb) >> 3; -- 2.52.0 _______________________________________________ ffmpeg-devel mailing list -- [email protected] To unsubscribe send an email to [email protected]
