From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <ffmpeg-devel-bounces@ffmpeg.org>
Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100])
	by master.gitmailbox.com (Postfix) with ESMTP id C768F4BFC9
	for <ffmpegdev@gitmailbox.com>; Fri, 19 Jul 2024 23:47:09 +0000 (UTC)
Received: from [127.0.1.1] (localhost [127.0.0.1])
	by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 13A3768D863;
	Sat, 20 Jul 2024 02:47:06 +0300 (EEST)
Received: from mail-pf1-f179.google.com (mail-pf1-f179.google.com
 [209.85.210.179])
 by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id B4DB968D621
 for <ffmpeg-devel@ffmpeg.org>; Sat, 20 Jul 2024 02:46:59 +0300 (EEST)
Received: by mail-pf1-f179.google.com with SMTP id
 d2e1a72fcca58-70af5fbf0d5so1007876b3a.1
 for <ffmpeg-devel@ffmpeg.org>; Fri, 19 Jul 2024 16:46:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1721432817; x=1722037617; darn=ffmpeg.org;
 h=content-transfer-encoding:in-reply-to:from:content-language
 :references:to:subject:user-agent:mime-version:date:message-id:from
 :to:cc:subject:date:message-id:reply-to;
 bh=tzQySTGuGjgXaO8jO4bMNGQYPtKoSLlg1AppcGo5Ncs=;
 b=fx4sv/kB9ayPCKbXIfUxAZLtAy3+hZTRs4900bMOFYGyLbdu9yNtohKS+cVHCNpy1w
 j8QMXbNa9QKMs6S/R4CtM4UAcRCr0m02WwbUefbVCSXaUaD2vmERlFiNUXBAbgk5Dmje
 7i51+gZCJZCwatyhp7Xw3GVVuQIsgZFDY+PLNXwcGVhNnCDaUZQoBtGH29B6fVmgwDhe
 Oa8NDX7rFytvYRn0BIqjjRNK3zRHwKdMz+c4QHxYC2M0Hp0PieJVjLLKZfCYUabosUbc
 fG32WRuA83iJqYHkHd6GWqLl0P6fIec2vA//EzDJji2NFsvyr9VQzGAaqDAQ7NUm6QNj
 5Jvw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1721432817; x=1722037617;
 h=content-transfer-encoding:in-reply-to:from:content-language
 :references:to:subject:user-agent:mime-version:date:message-id
 :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
 bh=tzQySTGuGjgXaO8jO4bMNGQYPtKoSLlg1AppcGo5Ncs=;
 b=WRBtPn0gZuqC/qQkVvkLsuVdnrUePfWnrEsZ+/hjxIDE8jZ2SjzSe1BCtJx6K/Rboj
 SKttYScclgyuTVoH2ZviUOgNZuH6NZHXn+TvJz9H4jRJ27Th0C0gDeIWFg+z1oFLWSk1
 5iCdxt3ulTJUyTPkBVOWm6FEPTGDLKt5xR5rKUdgsYL/NawavObj8E6dOOWMV04J0+Xq
 bJzAJrYnbXe9Fb0k2/5dkxeooKX3Ui0XgQ6bXeajb6Fnz1kX4qbB750h02O37DzJIGwh
 0ygj4SuinBTBm9PdXhCUfVLfU+AivfyqpquB8aDsxK4pOhEgQDdZpGd9w8KRvzvn7eUq
 RZUA==
X-Gm-Message-State: AOJu0Yy+oJSBUfhe07yW7n1qUhhZUShHi0YNOSKsfcc0AHe4tmT2a5oF
 Dn00Iv+K9GmFtj5AzjwOczn5LNl+LfLUxrR3QLfqYtzIJ67RpQcQoIBEtg==
X-Google-Smtp-Source: AGHT+IGJ1kvTvmktKyhvmckqV4Pms5J3sQWxoLmXF0YA6NGNRW8Nsa8C2oC1jq/hlHDA0RMJyCjrnw==
X-Received: by 2002:a05:6a00:218b:b0:706:738b:2c3 with SMTP id
 d2e1a72fcca58-70d094954ddmr1610686b3a.2.1721432816738; 
 Fri, 19 Jul 2024 16:46:56 -0700 (PDT)
Received: from [192.168.0.12] ([190.194.167.233])
 by smtp.gmail.com with ESMTPSA id
 d2e1a72fcca58-70cff4b18e9sm1717710b3a.51.2024.07.19.16.46.55
 for <ffmpeg-devel@ffmpeg.org>
 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
 Fri, 19 Jul 2024 16:46:56 -0700 (PDT)
Message-ID: <9efcaea5-b48f-4dda-bb04-33d8c40b9d4c@gmail.com>
Date: Fri, 19 Jul 2024 20:47:19 -0300
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
To: ffmpeg-devel@ffmpeg.org
References: <20240718221606.3710874-1-michael@niedermayer.cc>
 <12436ccb-ffd3-41b8-8c0f-0a694610c92e@gmail.com> <20240719081036.GH4991@pb2>
Content-Language: en-US
From: James Almer <jamrial@gmail.com>
In-Reply-To: <20240719081036.GH4991@pb2>
Subject: Re: [FFmpeg-devel] [PATCH 1/2] avformat/mov: Check extradata in
 mov_read_iacb()
X-BeenThere: ffmpeg-devel@ffmpeg.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: FFmpeg development discussions and patches <ffmpeg-devel.ffmpeg.org>
List-Unsubscribe: <https://ffmpeg.org/mailman/options/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=unsubscribe>
List-Archive: <https://ffmpeg.org/pipermail/ffmpeg-devel>
List-Post: <mailto:ffmpeg-devel@ffmpeg.org>
List-Help: <mailto:ffmpeg-devel-request@ffmpeg.org?subject=help>
List-Subscribe: <https://ffmpeg.org/mailman/listinfo/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=subscribe>
Reply-To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Errors-To: ffmpeg-devel-bounces@ffmpeg.org
Sender: "ffmpeg-devel" <ffmpeg-devel-bounces@ffmpeg.org>
Archived-At: <https://master.gitmailbox.com/ffmpegdev/9efcaea5-b48f-4dda-bb04-33d8c40b9d4c@gmail.com/>
List-Archive: <https://master.gitmailbox.com/ffmpegdev/>
List-Post: <mailto:ffmpegdev@gitmailbox.com>

On 7/19/2024 5:10 AM, Michael Niedermayer wrote:
> On Thu, Jul 18, 2024 at 07:19:17PM -0300, James Almer wrote:
>> On 7/18/2024 7:16 PM, Michael Niedermayer wrote:
>>> Fixes: MemLeak
>>> Fixes: 69853/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-4660448545275904
>>>
>>> Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
>>> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
>>> ---
>>>    libavformat/mov.c | 2 ++
>>>    1 file changed, 2 insertions(+)
>>>
>>> diff --git a/libavformat/mov.c b/libavformat/mov.c
>>> index ce95842ce58..82fce7ef5c1 100644
>>> --- a/libavformat/mov.c
>>> +++ b/libavformat/mov.c
>>> @@ -897,6 +897,8 @@ static int mov_read_iacb(MOVContext *c, AVIOContext *pb, MOVAtom atom)
>>>        st = c->fc->streams[c->fc->nb_streams - 1];
>>>        sc = st->priv_data;
>>> +    if (st->codecpar->extradata)
>>> +        return AVERROR_INVALIDDATA;
>>
>> Maybe it's better to do like other atoms where we ignore duplicate entries
>> (See mov_read_glbl(), used for h264/hevc/etc).
> 
> IIRC its a mix of mov_read_iacb() and mov_read_stsd() both setting extradata

iacb is a child box of stsd. In a sane file only one box will set 
extradata, so lets copy the behavior of glbl.

> 
> i can certainly do a "return 0" with some warning if you prefer that

Yes.

> 
> thx
> 
> [...]
> 
> 
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel@ffmpeg.org
> https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
> 
> To unsubscribe, visit link above, or email
> ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".