[FFmpeg-cvslog] avcodec/pnm: skip reading trailing bytes in get_pnm()

Michael Niedermayer git at videolan.org
Fri Aug 23 23:31:57 EEST 2019


ffmpeg | branch: master | Michael Niedermayer <michael at niedermayer.cc> | Thu Aug  1 21:12:07 2019 +0200| [68f30567df5659190bb0515e027be8f1a8116bc5] | committer: Michael Niedermayer

avcodec/pnm: skip reading trailing bytes in get_pnm()

None of the keys we support is that long and other keys
lead to decoder failure. None of the values is expected
to be longer, they are all numbers or short keywords.

This simplifies the code

Fixes: Timeout (9sec->43ms)
Fixes: 15177/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PAM_fuzzer-5080556716425216

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=68f30567df5659190bb0515e027be8f1a8116bc5
---

 libavcodec/pnm.c | 2 --
 1 file changed, 2 deletions(-)

diff --git a/libavcodec/pnm.c b/libavcodec/pnm.c
index cadfa7569e..b4e5d3076b 100644
--- a/libavcodec/pnm.c
+++ b/libavcodec/pnm.c
@@ -58,8 +58,6 @@ static void pnm_get(PNMContext *sc, char *str, int buf_size)
         c = *bs++;
     }
     *s = '\0';
-    while (bs < end && !pnm_space(c))
-        c = *bs++;
     sc->bytestream = bs;
 }
 



More information about the ffmpeg-cvslog mailing list