[FFmpeg-devel] [PATCH 1/4] avcodec/jpeg2000dec: Check image offset
Tomas Härdin
git at haerdin.se
Wed Oct 25 22:20:09 EEST 2023
On Thu, 2023-10-05 at 00:59 +0200, Michael Niedermayer wrote:
> Fixes: left shift of negative value -538967841
> Fixes: 62447/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEG2000_fuzzer-6427134337613824
>
> Found-by: continuous fuzzing process
> https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> ---
> libavcodec/jpeg2000dec.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/libavcodec/jpeg2000dec.c b/libavcodec/jpeg2000dec.c
> index eda959e558d..691cfbd8915 100644
> --- a/libavcodec/jpeg2000dec.c
> +++ b/libavcodec/jpeg2000dec.c
> @@ -238,6 +238,11 @@ static int get_siz(Jpeg2000DecoderContext *s)
> return AVERROR_INVALIDDATA;
> }
>
> + if (s->image_offset_x >= s->width || s->image_offset_y >= s-
> >height) {
> + av_log(s->avctx, AV_LOG_ERROR, "image offsets outside
> image");
> + return AVERROR_INVALIDDATA;
> + }
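Review bot: the av_log() string in the added block, "image offsets outside image", has no trailing "\n", so the error will run into whatever is logged next; append the newline. The commit message gives only the sanitizer symptom (left shift of negative value) and does not say which later computation an offset at or beyond the image size reaches, so a one-line comment above the check stating that image_offset_x/image_offset_y must be strictly less than width/height would make the reason for the >= bound clear to a later reader. Logging the offending offset and dimension values in the message would also make rejected files easier to triage.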
Probably OK
/Tomas