sön 2021-09-05 klockan 21:24 +0200 skrev Michael Niedermayer: > Fixes: Out of array access > Fixes: 37030/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer- > 5387719147651072 > > Found-by: continuous fuzzing process > https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg > Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> > --- > libavformat/mxfdec.c | 4 ++++ > 1 file changed, 4 insertions(+) > > diff --git a/libavformat/mxfdec.c b/libavformat/mxfdec.c > index 55f2e5c767..ebe411b04d 100644 > --- a/libavformat/mxfdec.c > +++ b/libavformat/mxfdec.c > @@ -552,6 +552,10 @@ static int mxf_get_d10_aes3_packet(AVIOContext > *pb, AVStream *st, AVPacket *pkt, > data_ptr = pkt->data; > end_ptr = pkt->data + length; > buf_ptr = pkt->data + 4; /* skip SMPTE 331M header */ > + > + if (st->codecpar->channels > 8) > + return AVERROR_INVALIDDATA;
Looks fine. Double-checked S331m, AES is limited to 8 channels /Tomas _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".