aboutsummaryrefslogtreecommitdiffstats
path: root/libavcodec
diff options
context:
space:
mode:
authorJames Almer <jamrial@gmail.com>2023-09-17 00:05:18 +0200
committerMichael Niedermayer <michael@niedermayer.cc>2023-09-19 21:28:40 +0200
commit13d22dc45403abee69af51b4150668a4a627492c (patch)
treea48c497238866cfafaf7d19e319479e2afc20291 /libavcodec
parent42b20c93aedffc3bed548d5c4cc1f07b5065ce28 (diff)
downloadffmpeg-13d22dc45403abee69af51b4150668a4a627492c.tar.gz
avcodec/dcadec: Do not explode EAGAIN
Fixes: out of array access Fixes: 62164/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DCA_fuzzer-6041088751960064 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Diffstat (limited to 'libavcodec')
-rw-r--r--libavcodec/dcadec.c9
1 files changed, 4 insertions, 5 deletions
diff --git a/libavcodec/dcadec.c b/libavcodec/dcadec.c
index 3e3e3053bb..1fee49cf4d 100644
--- a/libavcodec/dcadec.c
+++ b/libavcodec/dcadec.c
@@ -217,11 +217,10 @@ static int dcadec_decode_frame(AVCodecContext *avctx, AVFrame *frame,
if (asset && (asset->extension_mask & DCA_EXSS_XLL)) {
if ((ret = ff_dca_xll_parse(&s->xll, input, asset)) < 0) {
// Conceal XLL synchronization error
- if (ret == AVERROR(EAGAIN)
- && (prev_packet & DCA_PACKET_XLL)
- && (s->packet & DCA_PACKET_CORE))
- s->packet |= DCA_PACKET_XLL | DCA_PACKET_RECOVERY;
- else if (ret == AVERROR(ENOMEM) || (avctx->err_recognition & AV_EF_EXPLODE))
+ if (ret == AVERROR(EAGAIN)) {
+ if ((prev_packet & DCA_PACKET_XLL) && (s->packet & DCA_PACKET_CORE))
+ s->packet |= DCA_PACKET_XLL | DCA_PACKET_RECOVERY;
+ } else if (ret == AVERROR(ENOMEM) || (avctx->err_recognition & AV_EF_EXPLODE))
return ret;
} else {
s->packet |= DCA_PACKET_XLL;
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-18 09:24:54 +0000