[FFmpeg-devel] [PATCH 1/3] avformat/electronicarts: Clear partial_packet on error
Andreas Rheinhardt
andreas.rheinhardt at gmail.com
Fri Feb 12 13:00:24 EET 2021
Michael Niedermayer:
> Fixes: Infinite loop
> Fixes: 30165/clusterfuzz-testcase-minimized-ffmpeg_dem_EA_fuzzer-6224642371092480
>
> Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> ---
> libavformat/electronicarts.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/libavformat/electronicarts.c b/libavformat/electronicarts.c
> index a98a8d604e..7c0d6a2e37 100644
> --- a/libavformat/electronicarts.c
> +++ b/libavformat/electronicarts.c
> @@ -728,6 +728,7 @@ get_video_packet:
> ret = av_get_packet(pb, pkt, chunk_size);
> if (ret < 0) {
> packet_read = 1;
> + partial_packet = 0;
> break;
> }
> partial_packet = chunk_type == MVIh_TAG;
>
This will make sure that we break out of the loop; furthermore, the code
overwriting ret with AVERROR(EAGAIN) will not be triggered and ret will
be returned. So why not just return ret here?
- Andreas
More information about the ffmpeg-devel
mailing list