Traneptora/FFmpeg
1
Fork 0
forked from FFmpeg/FFmpeg
Code Pull requests Activity

avcodec/escape130: move get_buffer down

Browse source 
This way the (slow) allocation of an image is done after various additional checks

Fixes: Timeout
Fixes: 379418967/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ESCAPE130_fuzzer-6507383574036480

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This commit is contained in:
Michael Niedermayer 2024-12-08 01:23:39 +01:00
parent 89efc6c97c
commit 34c06f5284
No known key found for this signature in database
GPG key ID: B18E8928B3948D64
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
libavcodec/escape130.c
View file

@ -212,9 +212,6 @@ static int escape130_decode_frame(AVCodecContext *avctx, AVFrame *pic,
return AVERROR_INVALIDDATA;
}
if ((ret = ff_get_buffer(avctx, pic, 0)) < 0)
return ret;
if ((ret = init_get_bits8(&gb, avpkt->data, avpkt->size)) < 0)
return ret;
skip_bits_long(&gb, 16 * 8);
@ -310,6 +307,9 @@ static int escape130_decode_frame(AVCodecContext *avctx, AVFrame *pic,
skip--;
}
if ((ret = ff_get_buffer(avctx, pic, 0)) < 0)
return ret;
new_y = s->new_y;
new_cb = s->new_u;
new_cr = s->new_v;