avformat/oggdec: Disable mid stream codec changes

Fixes: 22082/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5688619118624768 Fixes: crash from V-codecs/Theora/theora_testsuite_broken/multi2.ogg Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Suggested-by: Lynne on IRC Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 70277f12328fb052c2c758fa7f4eb36b9ea89638) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
author: Michael Niedermayer <michael@niedermayer.cc> 2020-06-13 12:36:49 +0200
committer: Michael Niedermayer <michael@niedermayer.cc> 2020-06-14 22:02:34 +0200
commit: 6011484167bf4a0548dedd0da573c4933cd335be (patch)
tree: b03305aa4c0793fed6e4f817426456207a4a1afa
parent: c37218944327857e62e831840e1e8d50b481f230 (diff)
download: ffmpeg-6011484167bf4a0548dedd0da573c4933cd335be.tar.gz
1 files changed, 3 insertions, 2 deletions
diff --git a/libavformat/oggdec.c b/libavformat/oggdec.c
index 9eb45499c6..a456c3df60 100644
--- a/libavformat/oggdec.c
+++ b/libavformat/oggdec.c
@@ -226,9 +226,10 @@ static int ogg_replace_stream(AVFormatContext *s, uint32_t serial, char *magic,
         return AVERROR_INVALIDDATA;
     }
 
-    /* We only have a single stream anyway, so if there's a new stream with
-     * a different codec just replace it */
     os = &ogg->streams[0];
+    if (os->codec != codec)
+        return AVERROR(EINVAL);
+
     os->serial  = serial;
     os->codec   = codec;
     os->serial  = serial;
author	Michael Niedermayer <michael@niedermayer.cc>	2020-06-13 12:36:49 +0200
committer	Michael Niedermayer <michael@niedermayer.cc>	2020-06-14 22:02:34 +0200
commit	6011484167bf4a0548dedd0da573c4933cd335be (patch)
tree	b03305aa4c0793fed6e4f817426456207a4a1afa
parent	c37218944327857e62e831840e1e8d50b481f230 (diff)
download	ffmpeg-6011484167bf4a0548dedd0da573c4933cd335be.tar.gz