[FFmpeg-devel] [PATCH] libavutil/encryption_info: Add NULL checks.

Jacob Trimble modmaker at google.com
Thu May 31 19:33:36 EEST 2018


Found by Chrome's ClusterFuzz: http://crbug.com/846662.

Signed-off-by: Jacob Trimble <modmaker at google.com>
---
 libavutil/encryption_info.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/libavutil/encryption_info.c b/libavutil/encryption_info.c
index 20a752d6b4..a48ded922c 100644
--- a/libavutil/encryption_info.c
+++ b/libavutil/encryption_info.c
@@ -64,6 +64,8 @@ AVEncryptionInfo *av_encryption_info_clone(const AVEncryptionInfo *info)
 {
     AVEncryptionInfo *ret;
 
+    if (!info)
+        return NULL;
     ret = av_encryption_info_alloc(info->subsample_count, info->key_id_size, info->iv_size);
     if (!ret)
         return NULL;
@@ -127,7 +129,7 @@ uint8_t *av_encryption_info_add_side_data(const AVEncryptionInfo *info, size_t *
     uint8_t *buffer, *cur_buffer;
     uint32_t i;
 
-    if (UINT32_MAX - FF_ENCRYPTION_INFO_EXTRA < info->key_id_size ||
+    if (!info || !size || UINT32_MAX - FF_ENCRYPTION_INFO_EXTRA < info->key_id_size ||
         UINT32_MAX - FF_ENCRYPTION_INFO_EXTRA - info->key_id_size < info->iv_size ||
         (UINT32_MAX - FF_ENCRYPTION_INFO_EXTRA - info->key_id_size - info->iv_size) / 8 < info->subsample_count) {
         return NULL;
@@ -260,7 +262,8 @@ uint8_t *av_encryption_init_info_add_side_data(const AVEncryptionInitInfo *info,
     uint8_t *buffer, *cur_buffer;
     uint32_t i, max_size;
 
-    if (UINT32_MAX - FF_ENCRYPTION_INIT_INFO_EXTRA < info->system_id_size ||
+    if (!info || !side_data_size ||
+        UINT32_MAX - FF_ENCRYPTION_INIT_INFO_EXTRA < info->system_id_size ||
         UINT32_MAX - FF_ENCRYPTION_INIT_INFO_EXTRA - info->system_id_size < info->data_size) {
         return NULL;
     }
-- 
2.17.0.921.gf22659ad46-goog



More information about the ffmpeg-devel mailing list