[FFmpeg-devel] [PATCH] avcodec/scpr: Test bx before use

Michael Niedermayer michael at niedermayer.cc
Wed Jan 11 12:27:48 EET 2023


On Sun, Jan 08, 2023 at 09:24:16PM +0100, Michael Niedermayer wrote:
> Fixes: out of array access on 32bit
> Fixes: 54850/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SCPR_fuzzer-5302669294305280
> 
> Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> ---
>  libavcodec/scpr.c | 3 +++
>  1 file changed, 3 insertions(+)

will apply

[...]

-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

If the United States is serious about tackling the national security threats 
related to an insecure 5G network, it needs to rethink the extent to which it
values corporate profits and government espionage over security.-Bruce Schneier
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20230111/481b775a/attachment.sig>


More information about the ffmpeg-devel mailing list