[FFmpeg-cvslog] tools/target_dec_fuzzer: Do not corrupt the packet size return

Michael Niedermayer git at videolan.org
Mon Aug 26 21:47:35 EEST 2019


ffmpeg | branch: master | Michael Niedermayer <michael at niedermayer.cc> | Sun Aug 25 20:41:57 2019 +0200| [5af613cc484e352113987e04db927178004e6d94] | committer: Michael Niedermayer

tools/target_dec_fuzzer: Do not corrupt the packet size return

Fixes: Timeout (infinite)
Fixes: 16732/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TAK_fuzzer-5642166377906176

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: James Almer <jamrial at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=5af613cc484e352113987e04db927178004e6d94
---

 tools/target_dec_fuzzer.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/tools/target_dec_fuzzer.c b/tools/target_dec_fuzzer.c
index 7bf25608ba..9dd6a5ef0b 100644
--- a/tools/target_dec_fuzzer.c
+++ b/tools/target_dec_fuzzer.c
@@ -219,8 +219,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
                     if (!avpkt.buf)
                         error("Failed memory allocation");
                 } else {
-                    ret = av_packet_make_refcounted(&avpkt);
-                    if (ret < 0)
+                    if (av_packet_make_refcounted(&avpkt) < 0)
                         error("Failed memory allocation");
                 }
                 parsepkt.data += ret;



More information about the ffmpeg-cvslog mailing list