avformat/xwma: Check for EOF in dpds_table read code

Fixes: Timeout (>30 -> 140ms) Fixes: 26478/clusterfuzz-testcase-minimized-ffmpeg_dem_XWMA_fuzzer-5918147066200064 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 44b18a76b8d4e01c7ce62474aaf196857e75e976) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
author: Michael Niedermayer <michael@niedermayer.cc> 2020-10-21 19:37:45 +0200
committer: Michael Niedermayer <michael@niedermayer.cc> 2021-10-17 21:34:53 +0200
commit: d4478ed2446980dad2f66fe6dbbbacc2e01ebe43 (patch)
tree: 4442dd5cda27ed6f3cba770c8963801def5679f1
parent: c0b0cb5d80875c77bc5ae2b98a3d26b58b05c213 (diff)
download: ffmpeg-d4478ed2446980dad2f66fe6dbbbacc2e01ebe43.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/libavformat/xwma.c b/libavformat/xwma.c
index 9edad7d75a..3e62a805aa 100644
--- a/libavformat/xwma.c
+++ b/libavformat/xwma.c
@@ -178,6 +178,10 @@ static int xwma_read_header(AVFormatContext *s)
             }
 
             for (i = 0; i < dpds_table_size; ++i) {
+                if (avio_feof(pb)) {
+                    ret = AVERROR_INVALIDDATA;
+                    goto fail;
+                }
                 dpds_table[i] = avio_rl32(pb);
                 size -= 4;
             }
author	Michael Niedermayer <michael@niedermayer.cc>	2020-10-21 19:37:45 +0200
committer	Michael Niedermayer <michael@niedermayer.cc>	2021-10-17 21:34:53 +0200
commit	d4478ed2446980dad2f66fe6dbbbacc2e01ebe43 (patch)
tree	4442dd5cda27ed6f3cba770c8963801def5679f1
parent	c0b0cb5d80875c77bc5ae2b98a3d26b58b05c213 (diff)
download	ffmpeg-d4478ed2446980dad2f66fe6dbbbacc2e01ebe43.tar.gz