avcodec/mlpdec: Do not leave a invalid num_primitive_matrices in the context

Fixes: runtime error: index 8 out of bounds for type 'uint8_t [8]' Fixes: 1699/clusterfuzz-testcase-minimized-6327177438035968 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 64ea4d102a070b95832ae4a751688f87da7760a2) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
author: Michael Niedermayer <michael@niedermayer.cc> 2017-05-20 01:23:01 +0200
committer: Michael Niedermayer <michael@niedermayer.cc> 2017-06-02 01:14:38 +0200
commit: e605faaabcf8503166e5cb06a98cddbca46756a7 (patch)
tree: cc7cf87798b137bca54cbbaea7bf9b8b854da686
parent: f3b6ea14081a696d6ece566c403ae55d8109ddb0 (diff)
download: ffmpeg-e605faaabcf8503166e5cb06a98cddbca46756a7.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/libavcodec/mlpdec.c b/libavcodec/mlpdec.c
index 5426712007..eac19a0d5e 100644
--- a/libavcodec/mlpdec.c
+++ b/libavcodec/mlpdec.c
@@ -729,6 +729,7 @@ static int read_matrix_params(MLPDecodeContext *m, unsigned int substr, GetBitCo
         av_log(m->avctx, AV_LOG_ERROR,
                "Number of primitive matrices cannot be greater than %d.\n",
                max_primitive_matrices);
+        s->num_primitive_matrices = 0;
         return AVERROR_INVALIDDATA;
     }
author	Michael Niedermayer <michael@niedermayer.cc>	2017-05-20 01:23:01 +0200
committer	Michael Niedermayer <michael@niedermayer.cc>	2017-06-02 01:14:38 +0200
commit	e605faaabcf8503166e5cb06a98cddbca46756a7 (patch)
tree	cc7cf87798b137bca54cbbaea7bf9b8b854da686
parent	f3b6ea14081a696d6ece566c403ae55d8109ddb0 (diff)
download	ffmpeg-e605faaabcf8503166e5cb06a98cddbca46756a7.tar.gz