[FFmpeg-trac] #11689(swscale:new): [Security] Division by zero on libswscale/utils.c:1408:60
FFmpeg
trac at avcodec.org
Mon Jul 28 17:44:12 EEST 2025
#11689: [Security] Division by zero on libswscale/utils.c:1408:60
------------------------------------+--------------------------------------
Reporter: flyfish101 | Type: defect
Status: new | Priority: important
Component: swscale | Version: git-master
Keywords: fuzzer | Blocked By:
Blocking: | Reproduced by developer: 0
Analyzed by developer: 0 |
------------------------------------+--------------------------------------
Summary of the bug:
{{{
fuzz at Fuzz2:~/Desktop/projects_oss/FFmpeg/tools/fuzzout/sws_fuzz$ ./target_sws_fuzzer1051 /home/fuzz/Desktop/projects_oss/FFmpeg/tools/fuzzout/sws_fuzz/out_sws_1051/default/crashes/id:000457,sig:08,src:014662_time:386353182_execs:207939645_op:havoc_rep:16
Reading 224 bytes from /home/fuzz/Desktop/projects_oss/FFmpeg/tools/fuzzout/sws_fuzz/out_sws_1051/default/crashes/id:000457,sig:08,src:014662_time:386353182_execs:207939645_op:havoc_rep:16
8 x 474 gray12be -> 8 x 1 yuv410p
libswscale/utils.c:1408:60: runtime error: division by zero
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior libswscale/utils.c:1408:60 in
AddressSanitizer:DEADLYSIGNAL
=================================================================
==1625492==ERROR: AddressSanitizer: FPE on unknown address 0x5555557b8a46 (pc 0x5555557b8a46 bp 0x7fffffffcd70 sp 0x7fffffffcaa0 T0)
    #0 0x5555557b8a46 in ff_sws_init_single_context /home/fuzz/Desktop/projects_oss/FFmpeg/libswscale/utils.c:1408:60
    #1 0x5555559689db in LLVMFuzzerTestOneInput /home/fuzz/Desktop/projects_oss/FFmpeg/tools/./target_sws_fuzzer1051.c:178:11
    #2 0x55555595f37d in ExecuteFilesOnyByOne /home/fuzz/Desktop/DDGF_Project/AFLplusplus/utils/aflpp_driver/aflpp_driver.c:255:7
    #3 0x55555595f188 in LLVMFuzzerRunDriver /home/fuzz/Desktop/DDGF_Project/AFLplusplus/utils/aflpp_driver/aflpp_driver.c
    #4 0x55555595ed48 in main /home/fuzz/Desktop/DDGF_Project/AFLplusplus/utils/aflpp_driver/aflpp_driver.c:300:10
    #5 0x7ffff7c3b082 in __libc_start_main /build/glibc-B3wQXB/glibc-2.31/csu/../csu/libc-start.c:308:16
    #6 0x555555869fdd in _start (/home/fuzz/Desktop/projects_oss/FFmpeg/tools/fuzzout/sws_fuzz/target_sws_fuzzer1051+0x315fdd)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: FPE /home/fuzz/Desktop/projects_oss/FFmpeg/libswscale/utils.c:1408:60 in ff_sws_init_single_context
==1625492==ABORTING
}}}
--
Ticket URL: <https://trac.ffmpeg.org/ticket/11689>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker
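The sanitizer output above, turned into a triage record. This is an added example, not code from FFmpeg, AFL++ or the reporter. It parses the UBSan "runtime error" line, the ASan ERROR line and the stack frames, skips the driver and libc frames to find the first frame inside the code under test, and builds a deduplication key from it. Assumptions, both taken from the trace as shown: the checkout path contains /FFmpeg/ (the root_marker used to strip build-host prefixes) and the driver functions listed in HARNESS_FUNCS are the ones to skip. The sample input is the ticket's own report with the mail line wrapping undone.

```python
"""Triage helper for sanitizer output like the report in #11689 above.
Added example, not FFmpeg or AFL++ code: parse the UBSan/ASan text, pick the
first frame inside the code under test, and derive a stable dedup key."""
import re
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# Sample input, constructed for this example: the ticket's report with the mail
# line wrapping undone (sanitizers print one frame per line), nothing added.
SAMPLE_REPORT = """\
8 x 474 gray12be -> 8 x 1 yuv410p
libswscale/utils.c:1408:60: runtime error: division by zero
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior libswscale/utils.c:1408:60 in
==1625492==ERROR: AddressSanitizer: FPE on unknown address 0x5555557b8a46 (pc 0x5555557b8a46 bp 0x7fffffffcd70 sp 0x7fffffffcaa0 T0)
    #0 0x5555557b8a46 in ff_sws_init_single_context /home/fuzz/Desktop/projects_oss/FFmpeg/libswscale/utils.c:1408:60
    #1 0x5555559689db in LLVMFuzzerTestOneInput /home/fuzz/Desktop/projects_oss/FFmpeg/tools/./target_sws_fuzzer1051.c:178:11
    #2 0x55555595f37d in ExecuteFilesOnyByOne /home/fuzz/Desktop/DDGF_Project/AFLplusplus/utils/aflpp_driver/aflpp_driver.c:255:7
    #3 0x55555595f188 in LLVMFuzzerRunDriver /home/fuzz/Desktop/DDGF_Project/AFLplusplus/utils/aflpp_driver/aflpp_driver.c
    #4 0x55555595ed48 in main /home/fuzz/Desktop/DDGF_Project/AFLplusplus/utils/aflpp_driver/aflpp_driver.c:300:10
    #5 0x7ffff7c3b082 in __libc_start_main /build/glibc-B3wQXB/glibc-2.31/csu/../csu/libc-start.c:308:16
    #6 0x555555869fdd in _start (/home/fuzz/Desktop/projects_oss/FFmpeg/tools/fuzzout/sws_fuzz/target_sws_fuzzer1051+0x315fdd)
SUMMARY: AddressSanitizer: FPE /home/fuzz/Desktop/projects_oss/FFmpeg/libswscale/utils.c:1408:60 in ff_sws_init_single_context
==1625492==ABORTING
"""

# Driver and C-runtime frames that are never the crash site (assumed list,
# taken from the trace above).
HARNESS_FUNCS = {"LLVMFuzzerTestOneInput", "LLVMFuzzerRunDriver",
                 "ExecuteFilesOnyByOne", "main", "__libc_start_main", "_start"}
CONVERSION_RE = re.compile(r"^(\d+) x (\d+) (\S+) -> (\d+) x (\d+) (\S+)$")
UBSAN_RE = re.compile(r"^(\S+?):(\d+):(\d+): runtime error: (.+)$")
ASAN_ERR_RE = re.compile(r"^==\d+==ERROR: AddressSanitizer: (\S+)")
FRAME_RE = re.compile(r"^#(\d+) 0x[0-9a-fA-F]+ in (\S+)(?: (\S+))?")
SRC_LOC_RE = re.compile(r"^(.*?):(\d+)(?::(\d+))?$")


@dataclass
class Frame:
    function: str
    file: Optional[str] = None   # None for "(binary+0x...)" frames
    line: Optional[int] = None   # None when the frame has a file but no line


@dataclass
class CrashInfo:
    src: Optional[Tuple[int, int, str]] = None          # (width, height, pixfmt)
    dst: Optional[Tuple[int, int, str]] = None
    ubsan_kind: Optional[str] = None                    # e.g. "division by zero"
    ubsan_loc: Optional[Tuple[str, int, int]] = None    # (file, line, column)
    asan_signal: Optional[str] = None                   # e.g. "FPE", "SEGV"
    frames: List[Frame] = field(default_factory=list)


def relativize(path: str, root_marker: str) -> str:
    """Drop the absolute checkout prefix so keys do not depend on the fuzz box."""
    idx = path.find(root_marker)
    return path[idx + len(root_marker):] if idx >= 0 else path


def parse_sanitizer_report(text: str, root_marker: str = "/FFmpeg/") -> CrashInfo:
    info = CrashInfo()
    for raw in text.splitlines():
        line = raw.strip()
        if m := CONVERSION_RE.match(line):          # the harness's own log line
            info.src = (int(m[1]), int(m[2]), m[3])
            info.dst = (int(m[4]), int(m[5]), m[6])
        elif m := UBSAN_RE.match(line):
            info.ubsan_loc = (relativize(m[1], root_marker), int(m[2]), int(m[3]))
            info.ubsan_kind = m[4]
        elif m := ASAN_ERR_RE.match(line):
            info.asan_signal = m[1]
        elif m := FRAME_RE.match(line):
            frame, loc = Frame(function=m[2]), m[3]
            if loc and not loc.startswith("("):      # "(binary+0x...)" has no source
                lm = SRC_LOC_RE.match(loc)
                frame.file = relativize(lm[1] if lm else loc, root_marker)
                frame.line = int(lm[2]) if lm else None
            info.frames.append(frame)
    return info


def crash_site(info: CrashInfo) -> Optional[Frame]:
    """First frame inside the code under test (not harness, driver or libc)."""
    for f in info.frames:
        if f.function in HARNESS_FUNCS or f.file is None:
            continue
        if "aflpp_driver" in f.file or "fuzzer" in f.file:
            continue
        return f
    return None


def bucket_key(info: CrashInfo) -> str:
    """Stable dedup key: sanitizer/kind@function:file:line."""
    kind = ("UBSan/" + info.ubsan_kind if info.ubsan_kind
            else "ASan/" + info.asan_signal if info.asan_signal else "unknown")
    site = crash_site(info)
    return f"{kind}@{site.function}:{site.file}:{site.line}" if site else kind + "@?"


def ubsan_site_matches_frame(info: CrashInfo) -> bool:
    """True when UBSan's runtime error and ASan's top frame name the same line,
    i.e. the trapping instruction is the division UBSan already flagged."""
    site = crash_site(info)
    return bool(site and info.ubsan_loc
                and (site.file, site.line) == info.ubsan_loc[:2])
```

Two reports for one fault is expected here: UBSan's integer-divide-by-zero check reports and continues by default, so the real division still executes and raises SIGFPE (AFL++'s sig:08), which ASan then prints as FPE at the same frame. ubsan_site_matches_frame confirms the two locations agree; building with -fno-sanitize-recover=undefined stops the process at the UBSan report instead.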