#11692: [Security] heap-buffer-overflow on alphablend.c:77
------------------------------------+-----------------------------------
Reporter: flyfish101 | Owner: (none)
Type: defect | Status: new
Priority: important | Component: swscale
Version: git-master | Resolution:
Keywords: fuzz | Blocked By:
Blocking: | Reproduced by developer: 0
Analyzed by developer: 0 |
------------------------------------+-----------------------------------
Comment (by flyfish101):
Replying to [comment:3 Michael Niedermayer]:
> Please use the fuzzer we have without modifications. If you want to
> improve the fuzzer submit a patch to it. If you really have to modify it
> explain what and why it was modified. Is this report AI generated?
In this example, we modified the hardcoded alphablend setting in the
driver:
{{{
av_opt_set(sws, "alphablend", "none", 0);
}}}
to enable more alphablend modes. See this line:
https://trac.ffmpeg.org/attachment/ticket/11692/target_sws_fuzzer1519.c#L208
You can read this paper, which explains why it is important to modify and
refine the current fuzz driver.
https://thuanpv.github.io/publications/Fuzzing23_FuzzBlockers.pdf
In short, we are using an LLM to help us analyze the existing bottlenecks in
fuzzing and to explore more code paths. If you're interested, we could
explore deeper research and collaboration. By the way, please check these
bugs :)
--
Ticket URL: <https://trac.ffmpeg.org/ticket/11692#comment:4>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker