author: Mark Thompson <sw@jkqxz.net> 2021-02-02 20:58:11 +0000
committer: Mark Thompson <sw@jkqxz.net> 2021-03-12 22:45:33 +0000
commit: 2c96e6cb955af3062e78c5b0f9fb907cfb2e59e3 (patch)
tree: 23f0583aba572b823d56f343bd622f8e490c5adb /libavdevice
parent: b128b0ce2203f96ff86969f6d0039827a7f00378 (diff)
cbs_sei: Detect payload overflows when reading SEI messages

The top-level GetBitContext is sized for the whole NAL unit, so it fails to detect overflows where a payload continues into the following message. To fix that, we make a new context on the stack for reading each payload.

Fixes: 29892/clusterfuzz-testcase-minimized-ffmpeg_BSF_H264_REDUNDANT_PPS_fuzzer-6310830956216320
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Tested-by: Michael Niedermayer <michael@niedermayer.cc>
Diffstat (limited to 'libavdevice')
0 files changed, 0 insertions, 0 deletions
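
The bounds problem the commit message describes, as an added example that is not FFmpeg's code and not part of this commit: a payload reader sized for the whole unit accepts a payload that runs into the next message, while a reader sized by the declared payload size rejects it. `BitReader`, `br_read`, `parse_payload`, `parse_messages`, the one-byte type/size layout and the 24-bit payload syntax are all assumptions made for the demonstration.

```c
#include <stdint.h>
#include <stdio.h>
/* Hypothetical minimal bit reader; not FFmpeg's GetBitContext. */
typedef struct { const uint8_t *buf; size_t size_bits, pos; } BitReader;

/* Read n <= 32 bits MSB-first; -1 if that would pass the reader's end. */
static int br_read(BitReader *br, unsigned n, uint32_t *out)
{
    if (n > br->size_bits - br->pos) return -1;
    *out = 0;
    for (unsigned i = 0; i < n; i++, br->pos++)
        *out = (*out << 1) | ((br->buf[br->pos >> 3] >> (7 - (br->pos & 7))) & 1u);
    return 0;
}

/* Assumed payload syntax for the demo: one 24-bit field. */
static int parse_payload(BitReader *br)
{
    uint32_t v;
    return br_read(br, 24, &v);
}

/* Walk type/size/payload messages. bounded=0: the payload reader spans the rest
 * of the unit; bounded=1: it is sized by the declared size. -1 on overflow. */
static int parse_messages(const uint8_t *buf, size_t size, int bounded)
{
    BitReader top = { buf, size * 8, 0 };
    uint32_t type, len;
    int count = 0;
    while (top.pos < top.size_bits) {
        if (br_read(&top, 8, &type) < 0 || br_read(&top, 8, &len) < 0) return -1;
        size_t start = top.pos / 8;
        if (len > size - start) return -1;       /* declared size passes unit end */
        BitReader pl = { buf + start, (bounded ? len : size - start) * 8, 0 };
        if (parse_payload(&pl) < 0) return -1;   /* read passes the reader's end */
        top.pos = (start + len) * 8;             /* next message at declared end */
        count++;
    }
    return count;
}

/* Constructed inputs: bad_nal's first message declares 1 byte but needs 3. */
static const uint8_t bad_nal[] = { 1, 1, 0xAA, 2, 3, 1, 2, 3 };
static const uint8_t ok_nal[]  = { 1, 3, 0xAA, 0xBB, 0xCC, 2, 3, 1, 2, 3 };
int main(void)
{
    printf("bad input: unbounded=%d bounded=%d\n",
           parse_messages(bad_nal, sizeof bad_nal, 0), parse_messages(bad_nal, sizeof bad_nal, 1));
    return 0;
}
```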