Michael Niedermayer: > Fixes: CID1454676 Out-of-bounds read > > Sponsored-by: Sovereign Tech Fund > Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> > --- > libavcodec/flac_parser.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/libavcodec/flac_parser.c b/libavcodec/flac_parser.c > index 47904d515a6..d9c47801f83 100644 > --- a/libavcodec/flac_parser.c > +++ b/libavcodec/flac_parser.c > @@ -518,6 +518,8 @@ static int check_header_mismatch(FLACParseContext *fpc, > for (i = 0; i < FLAC_MAX_SEQUENTIAL_HEADERS && curr != child; i++) > curr = curr->next; > > + av_assert0(i < FLAC_MAX_SEQUENTIAL_HEADERS); > + > if (header->link_penalty[i] < FLAC_HEADER_CRC_FAIL_PENALTY || > header->link_penalty[i] == FLAC_HEADER_NOT_PENALIZED_YET) { > FLACHeaderMarker *start, *end;
If this is only supposed to mark an issue as invalid for the sanitizer, why are you adding an av_assert0 instead of av_assert1 here (and in other patches)? - Andreas _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".