[FFmpeg-cvslog] avformat/mvdec: Check for EOF in read_index()

Michael Niedermayer git at videolan.org
Wed Feb 10 13:43:03 EET 2021


ffmpeg | branch: master | Michael Niedermayer <michael at niedermayer.cc> | Sun Jan 31 16:19:42 2021 +0100| [6c64351bb1f4dc148069a37754b746fcd4c784cf] | committer: Michael Niedermayer

avformat/mvdec: Check for EOF in read_index()

Fixes: Timeout
Fixes: 29550/clusterfuzz-testcase-minimized-ffmpeg_dem_MV_fuzzer-5094307193290752

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=6c64351bb1f4dc148069a37754b746fcd4c784cf
---

 libavformat/mvdec.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/libavformat/mvdec.c b/libavformat/mvdec.c
index c4fa980bf2..f1f73e51f9 100644
--- a/libavformat/mvdec.c
+++ b/libavformat/mvdec.c
@@ -269,6 +269,8 @@ static void read_index(AVIOContext *pb, AVStream *st)
         uint32_t pos  = avio_rb32(pb);
         uint32_t size = avio_rb32(pb);
         avio_skip(pb, 8);
+        if (avio_feof(pb))
+            return ;
         av_add_index_entry(st, pos, timestamp, size, 0, AVINDEX_KEYFRAME);
         if (st->codecpar->codec_type == AVMEDIA_TYPE_AUDIO) {
             timestamp += size / (st->codecpar->channels * 2LL);



More information about the ffmpeg-cvslog mailing list