aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMichael Niedermayer <michael@niedermayer.cc>2023-10-15 01:52:20 +0200
committerMichael Niedermayer <michael@niedermayer.cc>2023-11-01 16:40:20 +0100
commit98c2711b58ce65eae02cb2ece3a664e1119fd8fe (patch)
tree9b41559f188490456d0f5d3c2272cdf856a9227d
parent68cc1744db828e929b74f96478c18f1d226510be (diff)
downloadffmpeg-98c2711b58ce65eae02cb2ece3a664e1119fd8fe.tar.gz
avformat/mov: Check that is_still_picture_avif has no trak based streams
Fixes: Assertion failure in mov_read_iloc( in mov_read_iloc()) Fixes: 62866/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-5282997370486784 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-rw-r--r--libavformat/mov.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/libavformat/mov.c b/libavformat/mov.c
index 2f29487beb..e8efccf6eb 100644
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -4628,6 +4628,10 @@ static int mov_read_trak(MOVContext *c, AVIOContext *pb, MOVAtom atom)
MOVStreamContext *sc;
int ret;
+ if (c->is_still_picture_avif) {
+ return AVERROR_INVALIDDATA;
+ }
+
st = avformat_new_stream(c->fc, NULL);
if (!st) return AVERROR(ENOMEM);
st->id = -1;