[FFmpeg-cvslog] avcodec/mpeg12dec: Fix got_output

Sun Jul 5 20:51:04 EEST 2020

ffmpeg | branch: release/2.8 | Michael Niedermayer <michael at niedermayer.cc> | Thu May 28 00:19:56 2020 +0200| [02361a13efb90f94d9746d7087479822827723bb] | committer: Michael Niedermayer

avcodec/mpeg12dec: Fix got_output

This makes got_output consistent with the code in slice_end() which sets the output

in slice_end()
 if (s->pict_type == AV_PICTURE_TYPE_B || s->low_delay) {
     int ret = av_frame_ref(pict, s->current_picture_ptr->f);
     ...
 } else {

Fixes: assertion failure
Fixes: 22178/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG1VIDEO_fuzzer-5664234440753152

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 4f33a9803a3068ce2d52289fc1db60375dc8b7a5)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=02361a13efb90f94d9746d7087479822827723bb
---

 libavcodec/mpeg12dec.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libavcodec/mpeg12dec.c b/libavcodec/mpeg12dec.c
index b93cbc4cf0..e7661e1a8d 100644
--- a/libavcodec/mpeg12dec.c
+++ b/libavcodec/mpeg12dec.c
@@ -2485,7 +2485,7 @@ static int decode_chunks(AVCodecContext *avctx, AVFrame *picture,
                     return ret;
                 else if (ret) {
                     // FIXME: merge with the stuff in mpeg_decode_slice
-                    if (s2->last_picture_ptr || s2->low_delay)
+                    if (s2->last_picture_ptr || s2->low_delay || s2->pict_type == AV_PICTURE_TYPE_B)
                         *got_output = 1;
                 }
             }

