Dec 16, 2019, 23:19 by [email protected]:

> Fixes: out of array read
> Fixes: 19327/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ATRAC9_fuzzer-5679823087468544
>
> Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> Signed-off-by: Michael Niedermayer <[email protected]>
>
Just zero the entire ATRAC9ChannelData->band_ext_data and return if !get_bits(gb, 5). That way mode 0 won't change the signal and modes 1, 2, 3 and 4 will have minimal effect. The 5 bits that are read are meant to correspond to the length (already known) of the band extension data to be read. I'm not sure what Sony were thinking if it's 0. And ping me on IRC next time.
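As an added illustration of the pattern suggested in the reply above (zero the record and stop reading when the length field is 0, and never let a length field drive reads past either the struct or the bitstream), here is a small self-contained C parser. It is example code written for this page, not FFmpeg's atrac9dec.c or the patch under discussion: the bit reader is a hypothetical stand-in for GetBitContext, and the record layout (a 5-bit count followed by that many 4-bit values, capacity BEXT_MAX_VALUES) is invented for the example and is not the ATRAC9 band-extension syntax. The sample byte strings are constructed.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Minimal MSB-first bit reader; a hypothetical stand-in for FFmpeg's
 * GetBitContext, not the real one. */
typedef struct {
    const uint8_t *buf;
    size_t size_bits;
    size_t pos;
} BitReader;

static void br_init(BitReader *br, const uint8_t *buf, size_t size_bytes)
{
    br->buf = buf;
    br->size_bits = size_bytes * 8;
    br->pos = 0;
}

static size_t br_left(const BitReader *br)
{
    return br->size_bits - br->pos;
}

/* Read n bits (n <= 25). The caller must have checked br_left() first. */
static unsigned br_get(BitReader *br, unsigned n)
{
    unsigned v = 0;
    while (n--) {
        unsigned bit = (br->buf[br->pos >> 3] >> (7 - (br->pos & 7))) & 1;
        v = (v << 1) | bit;
        br->pos++;
    }
    return v;
}

/* Hypothetical band-extension record: a 5-bit count followed by that many
 * 4-bit values. The layout is invented for this example. */
#define BEXT_MAX_VALUES 4

typedef struct {
    unsigned ext_len;
    unsigned values[BEXT_MAX_VALUES];
} BandExtData;

/* Returns 0 on success, -1 on truncated or oversized input. The record is
 * zeroed up front, so an error never leaves half-parsed state behind. */
int parse_band_ext(BitReader *br, BandExtData *out)
{
    memset(out, 0, sizeof(*out));
    if (br_left(br) < 5)
        return -1;

    unsigned len = br_get(br, 5);
    if (!len)
        /* Zero-length record: keep everything zeroed and stop reading, so
         * the rest of the decoder sees a neutral extension. */
        return 0;

    if (len > BEXT_MAX_VALUES)          /* would index past values[] */
        return -1;
    if (br_left(br) < (size_t)len * 4)  /* would read past the buffer */
        return -1;

    out->ext_len = len;
    for (unsigned i = 0; i < len; i++)
        out->values[i] = br_get(br, 4);
    return 0;
}

/* Constructed sample inputs (bit patterns chosen for the cases below). */
static const uint8_t SAMPLE_ZERO_LEN[]  = { 0x00 };             /* len = 0 */
static const uint8_t SAMPLE_THREE[]     = { 0x1A, 0xB1, 0x80 }; /* len = 3: values 5, 6, 3 */
static const uint8_t SAMPLE_TRUNCATED[] = { 0x18 };             /* len = 3, only 3 bits left */
static const uint8_t SAMPLE_TOO_LONG[]  = { 0x28 };             /* len = 5 > BEXT_MAX_VALUES */

/* Parsed length, or -1 on error. */
int sample_len(const uint8_t *buf, size_t n)
{
    BitReader br; BandExtData d;
    br_init(&br, buf, n);
    if (parse_band_ext(&br, &d) < 0) return -1;
    return (int)d.ext_len;
}

/* i-th parsed value (0 for slots the record did not fill), or -1 on error. */
int sample_value(const uint8_t *buf, size_t n, unsigned i)
{
    BitReader br; BandExtData d;
    br_init(&br, buf, n);
    if (parse_band_ext(&br, &d) < 0 || i >= BEXT_MAX_VALUES) return -1;
    return (int)d.values[i];
}

int main(void)
{
    printf("zero length: len=%d\n", sample_len(SAMPLE_ZERO_LEN, sizeof SAMPLE_ZERO_LEN));
    printf("three values: len=%d v=%d,%d,%d\n", sample_len(SAMPLE_THREE, sizeof SAMPLE_THREE),
           sample_value(SAMPLE_THREE, sizeof SAMPLE_THREE, 0),
           sample_value(SAMPLE_THREE, sizeof SAMPLE_THREE, 1),
           sample_value(SAMPLE_THREE, sizeof SAMPLE_THREE, 2));
    printf("truncated: %d, too long: %d\n", sample_len(SAMPLE_TRUNCATED, sizeof SAMPLE_TRUNCATED),
           sample_len(SAMPLE_TOO_LONG, sizeof SAMPLE_TOO_LONG));
    return 0;
}
```

The zero-length branch is the point of the reply: the record is fully zeroed before the length is even read, so returning early is safe and leaves nothing uninitialised for later decoder stages. The two checks after it are the general version of the same concern, bounding the length field against both the in-memory capacity and the bits actually left in the packet before any read happens.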
