Michael Niedermayer:
> Fixes: CID1454676 Out-of-bounds read
>
> Sponsored-by: Sovereign Tech Fund
> Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
> ---
> libavcodec/flac_parser.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/libavcodec/flac_parser.c b/libavcodec/flac_parser.c
> index 47904d515a6..d9c47801f83 100644
> --- a/libavcodec/flac_parser.c
> +++ b/libavcodec/flac_parser.c
> @@ -518,6 +518,8 @@ static int check_header_mismatch(FLACParseContext *fpc,
> for (i = 0; i < FLAC_MAX_SEQUENTIAL_HEADERS && curr != child; i++)
> curr = curr->next;
>
> + av_assert0(i < FLAC_MAX_SEQUENTIAL_HEADERS);
> +
> if (header->link_penalty[i] < FLAC_HEADER_CRC_FAIL_PENALTY ||
> header->link_penalty[i] == FLAC_HEADER_NOT_PENALIZED_YET) {
> FLACHeaderMarker *start, *end;
If this is only supposed to mark an issue as invalid for the sanitizer,
why are you adding an av_assert0 instead of av_assert1 here (and in
other patches)?
- Andreas
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
