From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <ffmpeg-devel-bounces@ffmpeg.org>
Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100])
	by master.gitmailbox.com (Postfix) with ESMTP id 727C64A60D
	for <ffmpegdev@gitmailbox.com>; Mon,  1 Apr 2024 21:33:20 +0000 (UTC)
Received: from [127.0.1.1] (localhost [127.0.0.1])
	by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id BB9BB68CF98;
	Tue,  2 Apr 2024 00:33:18 +0300 (EEST)
Received: from mail-pl1-f172.google.com (mail-pl1-f172.google.com
 [209.85.214.172])
 by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id C45D368CF46
 for <ffmpeg-devel@ffmpeg.org>; Tue,  2 Apr 2024 00:33:12 +0300 (EEST)
Received: by mail-pl1-f172.google.com with SMTP id
 d9443c01a7336-1dff837d674so34466915ad.3
 for <ffmpeg-devel@ffmpeg.org>; Mon, 01 Apr 2024 14:33:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1712007191; x=1712611991; darn=ffmpeg.org;
 h=content-transfer-encoding:in-reply-to:from:content-language
 :references:to:subject:user-agent:mime-version:date:message-id:from
 :to:cc:subject:date:message-id:reply-to;
 bh=35124zBozFms1QccsbH8VzkMLA7w+7tdB0vuy1ZrnDA=;
 b=GlrPf2fdCQCRYztbg0xap6Inr/aEFYZonS4WxKNBh+rjxqA+IFXe805fXR3eS0apJj
 3UBOAU58NVfczKYbdwKsTwyTm38GJ4ChM3IOwxs57NXGZ0QNTVKPVV2ccTJGJ6pySCQ3
 xAdr2nQgB79BsXslHEQkHOO8H4RE8kCUC5K3tlkCS3hvyvBzK/064hKnaWG8E33ww4P/
 B+EPP5c05T6A57Qv1yEZg5yzi+LHK2VG8xWOS2fletY4lcZeBbyfKwAudFeipivURXSY
 9NEpNjDqZ7B33otsTnaoW6UNaOfgxrfgqsjoDTfwFAgvy2p0iVu5DoeP/DPuQHfFmM19
 T1yA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1712007191; x=1712611991;
 h=content-transfer-encoding:in-reply-to:from:content-language
 :references:to:subject:user-agent:mime-version:date:message-id
 :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
 bh=35124zBozFms1QccsbH8VzkMLA7w+7tdB0vuy1ZrnDA=;
 b=Igm173/H33o2yTvRhgYtmFOQhiLpzf54fqCYlmS8iEvdLrrbJ6kAezLB+VV4dwtWib
 WHnZ9TVpPaucOgnxCBIprxmBpRCvhXvRiNmVqm0EcBxM79USjn60bad9Itj+ZO1m0PWg
 7BaqVblCdCv/VBxEOQO0rsW4zLuT2gF0b7Y8QantOibF66au8rTVSHyU1IS/1e78R09L
 6O1xCUxFn5GElO9yS8E3n74Dh+XC2pENYo+c6Vv8miztM9/rpnP4U1vD+c2ujAgCxGCP
 JZNTxPzkeua/PLUcdPEvPbY1zceeoblP7vgAZGELSDE8sHeZe2idInBJwcVpUJYqUWwT
 Vc3A==
X-Gm-Message-State: AOJu0YyyKpQcjjIaRRiIM0Lr95jvZTiUD5cyQxcQkSnckmzQmQkN2itq
 M8rPbcNj7zo7G8brFE9ykW5BGpKf71ESN5TJWTdU0S4JOb7bOx988MEBL8VM
X-Google-Smtp-Source: AGHT+IGKxTlPLYAfxqY5PElprrpWob3WdykF2mk2CCcBW7PHqKkKvPvih4sUT3kzUarswwkMtTKc9A==
X-Received: by 2002:a17:902:f389:b0:1e0:b5ee:e808 with SMTP id
 f9-20020a170902f38900b001e0b5eee808mr8753440ple.68.1712007190651; 
 Mon, 01 Apr 2024 14:33:10 -0700 (PDT)
Received: from [192.168.0.15] ([190.194.167.233])
 by smtp.gmail.com with ESMTPSA id
 i7-20020a170902c94700b001e223c9679asm8422169pla.93.2024.04.01.14.33.09
 for <ffmpeg-devel@ffmpeg.org>
 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
 Mon, 01 Apr 2024 14:33:10 -0700 (PDT)
Message-ID: <77140ca3-bf2f-42db-9a76-264529c9ee5a@gmail.com>
Date: Mon, 1 Apr 2024 18:33:22 -0300
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
To: ffmpeg-devel@ffmpeg.org
References: <20240401205607.9093-1-michael@niedermayer.cc>
Content-Language: en-US
From: James Almer <jamrial@gmail.com>
In-Reply-To: <20240401205607.9093-1-michael@niedermayer.cc>
Subject: Re: [FFmpeg-devel] [PATCH 1/6] avformat/isom: Uninit layout in
 ff_mp4_read_dec_config_descr()
X-BeenThere: ffmpeg-devel@ffmpeg.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: FFmpeg development discussions and patches <ffmpeg-devel.ffmpeg.org>
List-Unsubscribe: <https://ffmpeg.org/mailman/options/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=unsubscribe>
List-Archive: <https://ffmpeg.org/pipermail/ffmpeg-devel>
List-Post: <mailto:ffmpeg-devel@ffmpeg.org>
List-Help: <mailto:ffmpeg-devel-request@ffmpeg.org?subject=help>
List-Subscribe: <https://ffmpeg.org/mailman/listinfo/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=subscribe>
Reply-To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Errors-To: ffmpeg-devel-bounces@ffmpeg.org
Sender: "ffmpeg-devel" <ffmpeg-devel-bounces@ffmpeg.org>
Archived-At: <https://master.gitmailbox.com/ffmpegdev/77140ca3-bf2f-42db-9a76-264529c9ee5a@gmail.com/>
List-Archive: <https://master.gitmailbox.com/ffmpegdev/>
List-Post: <mailto:ffmpegdev@gitmailbox.com>

On 4/1/2024 5:56 PM, Michael Niedermayer wrote:
> Fixes: memleak
> Fixes: 67442/clusterfuzz-testcase-minimized-ffmpeg_dem_CAF_fuzzer-5068813261406208
> 
> Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
> ---
>   libavformat/isom.c | 1 +
>   1 file changed, 1 insertion(+)
> 
> diff --git a/libavformat/isom.c b/libavformat/isom.c
> index 9fbccd4437f..c5930bd4d87 100644
> --- a/libavformat/isom.c
> +++ b/libavformat/isom.c
> @@ -359,6 +359,7 @@ int ff_mp4_read_dec_config_descr(AVFormatContext *fc, AVStream *st, AVIOContext
>                                                   st->codecpar->extradata_size, 1, fc);
>               if (ret < 0)
>                   return ret;
> +            av_channel_layout_uninit(&st->codecpar->ch_layout);
>               st->codecpar->ch_layout.order = AV_CHANNEL_ORDER_UNSPEC;

Not strictly related to this fix, but should we really drop the layout 
here by forcing unspec? We're also not even bothering to check if 
cfg.channels matches st->codecpar->ch_layout.nb_channels.

>               st->codecpar->ch_layout.nb_channels = cfg.channels;
>               if (cfg.object_type == 29 && cfg.sampling_index < 3) // old mp3on4
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".