[FFmpeg-devel] [PATCH 2/4] tools/target_dec_fuzzer: Do not test AV_CODEC_FLAG2_FAST with AV_CODEC_ID_H264
Jean-Baptiste Kempf
jb at videolan.org
Thu May 28 12:14:15 EEST 2020
On Thu, May 28, 2020, at 00:08, Kieran Kunhya wrote:
> On Wed, 27 May 2020 at 22:53, Michael Niedermayer <michael at niedermayer.cc>
> wrote:
>
> > On Sun, Mar 15, 2020 at 10:20:56PM +0100, Michael Niedermayer wrote:
> > > This combination skips allocating large padding which can read out of
> > array
> > >
> > > Fixes:
> > 20978/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_H264_fuzzer-5746381832847360
> > >
> > > Found-by: continuous fuzzing process
> > https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> > > Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> > > ---
> > > tools/target_dec_fuzzer.c | 2 +-
> > > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > will apply
> >
>
> Shouldn't there be warnings about FAST mode if it causes security issues?
I agree here.
Either we fix FAST mode, or it must come with important warnings.
--
Jean-Baptiste Kempf - President
+33 672 704 734
More information about the ffmpeg-devel
mailing list