1. ffmpeg
  2. Commit 9162df98e1cf4e240f36944def19e8cd2cc28359
Browse code

avcodec/nuv: Move comptype check up

Fixes: Timeout (23sec -> 5ms)
Fixes: 18517/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_NUV_fuzzer-5753135536013312

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 1138cdecbe0164ab1f07768418e794fddfdc636d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

Michael Niedermayer authored on 2019/11/02 22:14:44
Showing 1 changed files
libavcodec/nuv.c
History View file @ 9162df9
... ... 
@@ -217,6 +217,14 @@ static int decode_frame(AVCodecContext *avctx, void *data, int *got_frame,
217 217 
     case NUV_RTJPEG:
218 218 
         minsize = c->width/16 * (c->height/16) * 6;
219 219 
         break;
220 
+    case NUV_BLACK:
221 
+    case NUV_COPY_LAST:
222 
+    case NUV_LZO:
223 
+    case NUV_RTJPEG_IN_LZO:
224 
+        break;
225 
+    default:
226 
+        av_log(avctx, AV_LOG_ERROR, "unknown compression\n");
227 
+        return AVERROR_INVALIDDATA;
220 228 
     }
221 229 
     if (buf_size < minsize / 4)
222 230 
         return AVERROR_INVALIDDATA;
... ... 
@@ -305,9 +313,6 @@ retry:
305 305 
     case NUV_COPY_LAST:
306 306 
         /* nothing more to do here */
307 307 
         break;
308 
-    default:
309 
-        av_log(avctx, AV_LOG_ERROR, "unknown compression\n");
310 
-        return AVERROR_INVALIDDATA;
311 308 
     }
312 309
313 310 
     if ((result = av_frame_ref(picture, c->pic)) < 0)