Re: [FFmpeg-devel] [PATCH 6/9] avcodec/adpcm: Set vqa_version before use in init

2021-05-13 Thread Michael Niedermayer
On Thu, May 13, 2021 at 11:14:13AM +1000, Zane van Iperen wrote:
> 
> 
> On 13/5/21 10:50 am, Andreas Rheinhardt wrote:
> > Michael Niedermayer:
> > > Fixes: null pointer dereference
> > > Fixes: 
> > > 33172/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ADPCM_IMA_WS_fuzzer-5200164273913856
> > > 
> > > Found-by: continuous fuzzing process 
> > > https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> > > Signed-off-by: Michael Niedermayer 
> > > ---
> > >   libavcodec/adpcm.c | 2 ++
> > >   1 file changed, 2 insertions(+)
> > > 
> > > diff --git a/libavcodec/adpcm.c b/libavcodec/adpcm.c
> > > index be14607eac..2deefeb651 100644
> > > --- a/libavcodec/adpcm.c
> > > +++ b/libavcodec/adpcm.c
> > > @@ -191,6 +191,8 @@ static av_cold int adpcm_decode_init(AVCodecContext * 
> > > avctx)
> > >   avctx->sample_fmt = AV_SAMPLE_FMT_S16P;
> > >   break;
> > >   case AV_CODEC_ID_ADPCM_IMA_WS:
> > > +if (avctx->extradata && avctx->extradata_size >= 2)
> > > +c->vqa_version = AV_RL16(avctx->extradata);
> > >   avctx->sample_fmt = c->vqa_version == 3 ? AV_SAMPLE_FMT_S16P :
> > > AV_SAMPLE_FMT_S16;
> > >   break;
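
Review bot: the added `c->vqa_version = AV_RL16(avctx->extradata);` in the `AV_CODEC_ID_ADPCM_IMA_WS` case should be checked against the current tree before it goes in. The reply directly below points to ff946633a30e15415974c3f0ec7751c04eb91701 as already fixing this, which would make these two lines redundant. Rebase the series and drop the hunk if the assignment already exists in `adpcm_decode_init`.
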
> > > 
> > I think this was unnecessary, as it has already been fixed in
> > ff946633a30e15415974c3f0ec7751c04eb91701.
> 
> Yep, this was fixed by ff946633a30e15415974c3f0ec7751c04eb91701, and added to 
> FATE in ab38a48c485d2167e1b53eb5fb684862cf35d47c.
> Shall I send a revert?

No need to, I missed this, I'll revert.

thanks

[...]
-- 
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Many things microsoft did are stupid, but not doing something just because
microsoft did it is even more stupid. If everything ms did were stupid they
would be bankrupt already.


___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".


Re: [FFmpeg-devel] [PATCH 6/9] avcodec/adpcm: Set vqa_version before use in init

2021-05-12 Thread Zane van Iperen




On 13/5/21 10:50 am, Andreas Rheinhardt wrote:

Michael Niedermayer:

Fixes: null pointer dereference
Fixes: 
33172/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ADPCM_IMA_WS_fuzzer-5200164273913856

Found-by: continuous fuzzing process 
https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer 
---
  libavcodec/adpcm.c | 2 ++
  1 file changed, 2 insertions(+)

diff --git a/libavcodec/adpcm.c b/libavcodec/adpcm.c
index be14607eac..2deefeb651 100644
--- a/libavcodec/adpcm.c
+++ b/libavcodec/adpcm.c
@@ -191,6 +191,8 @@ static av_cold int adpcm_decode_init(AVCodecContext * avctx)
  avctx->sample_fmt = AV_SAMPLE_FMT_S16P;
  break;
  case AV_CODEC_ID_ADPCM_IMA_WS:
+if (avctx->extradata && avctx->extradata_size >= 2)
+c->vqa_version = AV_RL16(avctx->extradata);
  avctx->sample_fmt = c->vqa_version == 3 ? AV_SAMPLE_FMT_S16P :
AV_SAMPLE_FMT_S16;
  break;
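
Review bot: the patch touches only libavcodec/adpcm.c (2 insertions) and carries no test, so the `c->vqa_version == 3` branch of the ternary is exercised only by the fuzzer case cited in the commit message. Reference or add a regression test for the `AV_SAMPLE_FMT_S16P` path along with the change.
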


I think this was unnecessary, as it has already been fixed in
ff946633a30e15415974c3f0ec7751c04eb91701.


Yep, this was fixed by ff946633a30e15415974c3f0ec7751c04eb91701, and added to 
FATE in ab38a48c485d2167e1b53eb5fb684862cf35d47c.
Shall I send a revert?




Re: [FFmpeg-devel] [PATCH 6/9] avcodec/adpcm: Set vqa_version before use in init

2021-05-12 Thread Andreas Rheinhardt
Michael Niedermayer:
> Fixes: null pointer dereference
> Fixes: 
> 33172/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ADPCM_IMA_WS_fuzzer-5200164273913856
> 
> Found-by: continuous fuzzing process 
> https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> Signed-off-by: Michael Niedermayer 
> ---
>  libavcodec/adpcm.c | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/libavcodec/adpcm.c b/libavcodec/adpcm.c
> index be14607eac..2deefeb651 100644
> --- a/libavcodec/adpcm.c
> +++ b/libavcodec/adpcm.c
> @@ -191,6 +191,8 @@ static av_cold int adpcm_decode_init(AVCodecContext * 
> avctx)
>  avctx->sample_fmt = AV_SAMPLE_FMT_S16P;
>  break;
>  case AV_CODEC_ID_ADPCM_IMA_WS:
> +if (avctx->extradata && avctx->extradata_size >= 2)
> +c->vqa_version = AV_RL16(avctx->extradata);
>  avctx->sample_fmt = c->vqa_version == 3 ? AV_SAMPLE_FMT_S16P :
>AV_SAMPLE_FMT_S16;
>  break;
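
Review bot: the commit message names a null pointer dereference, but the two added lines in the `AV_CODEC_ID_ADPCM_IMA_WS` case only affect which `sample_fmt` init selects, and nothing in the hunk shows which pointer is NULL or where it is dereferenced. Add a sentence to the commit message connecting an unset `c->vqa_version` at this point to the crash, so the fix can be checked from the diff alone.
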
> 
I think this was unnecessary, as it has already been fixed in
ff946633a30e15415974c3f0ec7751c04eb91701.

- Andreas


Re: [FFmpeg-devel] [PATCH 6/9] avcodec/adpcm: Set vqa_version before use in init

2021-05-12 Thread Michael Niedermayer
On Mon, Apr 19, 2021 at 08:23:43PM +0200, Michael Niedermayer wrote:
> Fixes: null pointer dereference
> Fixes: 
> 33172/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ADPCM_IMA_WS_fuzzer-5200164273913856
> 
> Found-by: continuous fuzzing process 
> https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> Signed-off-by: Michael Niedermayer 
> ---
>  libavcodec/adpcm.c | 2 ++
>  1 file changed, 2 insertions(+)

will apply

[...]
-- 
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

When the tyrant has disposed of foreign enemies by conquest or treaty, and
there is nothing more to fear from them, then he is always stirring up
some war or other, in order that the people may require a leader. -- Plato




[FFmpeg-devel] [PATCH 6/9] avcodec/adpcm: Set vqa_version before use in init

2021-04-19 Thread Michael Niedermayer
Fixes: null pointer dereference
Fixes: 
33172/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ADPCM_IMA_WS_fuzzer-5200164273913856

Found-by: continuous fuzzing process 
https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer 
---
 libavcodec/adpcm.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/libavcodec/adpcm.c b/libavcodec/adpcm.c
index be14607eac..2deefeb651 100644
--- a/libavcodec/adpcm.c
+++ b/libavcodec/adpcm.c
@@ -191,6 +191,8 @@ static av_cold int adpcm_decode_init(AVCodecContext * avctx)
 avctx->sample_fmt = AV_SAMPLE_FMT_S16P;
 break;
 case AV_CODEC_ID_ADPCM_IMA_WS:
+if (avctx->extradata && avctx->extradata_size >= 2)
+c->vqa_version = AV_RL16(avctx->extradata);
 avctx->sample_fmt = c->vqa_version == 3 ? AV_SAMPLE_FMT_S16P :
   AV_SAMPLE_FMT_S16;
 break;
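
Review bot: the added `if (avctx->extradata && avctx->extradata_size >= 2)` in the `AV_CODEC_ID_ADPCM_IMA_WS` case has no else branch, so with missing or short extradata `c->vqa_version` is not assigned here and the ternary on the next line quietly selects `AV_SAMPLE_FMT_S16`. If that fallback is intended, say so in a comment; otherwise assign an explicit default before the check so the format choice never depends on a value set elsewhere.
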
-- 
2.17.1
