summaryrefslogtreecommitdiff
path: root/tools
diff options
context:
space:
mode:
authorMichael Niedermayer <michael@niedermayer.cc>2021-07-24 18:18:23 +0200
committerMichael Niedermayer <michael@niedermayer.cc>2021-07-28 19:15:26 +0200
commit54b798638e68dcebed5c42a216b403004a97f73e (patch)
tree573c2357bc170cda617954e41e80418910b052fe /tools
parentfc300613bec1e55974d45f955265b72cbf9b5683 (diff)
downloadffmpeg-54b798638e68dcebed5c42a216b403004a97f73e.tar.gz
tools/target_dec_fuzzer: Fix extradata duplication
Fixes: out of array access Fixes: 36340/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG4_fuzzer-5872546875572224.fuzz Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Diffstat (limited to 'tools')
-rw-r--r--tools/target_dec_fuzzer.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/tools/target_dec_fuzzer.c b/tools/target_dec_fuzzer.c
index 3e7689b7ec..843b447f83 100644
--- a/tools/target_dec_fuzzer.c
+++ b/tools/target_dec_fuzzer.c
@@ -317,7 +317,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
}
parser_avctx->codec_id = ctx->codec_id;
parser_avctx->extradata_size = ctx->extradata_size;
- parser_avctx->extradata = av_memdup(ctx->extradata, ctx->extradata_size);
+ parser_avctx->extradata = ctx->extradata ? av_memdup(ctx->extradata, ctx->extradata_size + AV_INPUT_BUFFER_PADDING_SIZE) : NULL;
int got_frame;