From 05d364dcccb3703de3f299b6ebaa13021b12c061 Mon Sep 17 00:00:00 2001 From: Michael Niedermayer Date: Sun, 15 Mar 2020 17:59:49 +0100 Subject: tools/target_dec_fuzzer: Do not test AV_CODEC_FLAG2_FAST with AV_CODEC_ID_H264 This combination skips allocating large padding which can read out of array Fixes: 20978/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_H264_fuzzer-5746381832847360 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer --- tools/target_dec_fuzzer.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tools') diff --git a/tools/target_dec_fuzzer.c b/tools/target_dec_fuzzer.c index dc7efe914d..f43f417088 100644 --- a/tools/target_dec_fuzzer.c +++ b/tools/target_dec_fuzzer.c @@ -206,7 +206,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { if (flags & 8) ctx->err_recognition |= AV_EF_EXPLODE; } - if (flags & 0x10) + if ((flags & 0x10) && c->id != AV_CODEC_ID_H264) ctx->flags2 |= AV_CODEC_FLAG2_FAST; if (flags & 0x40) -- cgit v1.2.1