From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by master.gitmailbox.com (Postfix) with ESMTP id 1C41847801 for ; Mon, 23 Oct 2023 15:19:27 +0000 (UTC) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id EAC7B68CA26; Mon, 23 Oct 2023 18:19:24 +0300 (EEST) Received: from EUR03-AM7-obe.outbound.protection.outlook.com (mail-am7eur03olkn2053.outbound.protection.outlook.com [40.92.59.53]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id CFF5568B991 for ; Mon, 23 Oct 2023 18:19:18 +0300 (EEST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=kaYxLoGIqWN719THI5I9r4fudQz8CXUrsSCyDJeUJM8aRn8zBtMgtiXxlr8yGHQQOzWkLkcviOS64xCOpxWwV0V1LRlpDcN2OAyGrtn+bXfdyIFaMaAAMuIeltXDj2yzUjoq+YZcbGJzMaDCZAxsoayiDIMlPffPwAodr0uh4yBSsBxvqmSGMPsn0Ydrd6+YFICTkm0qI/t4LHoJx6oBfkYd4Y4CJ6cOYFjLn88X1dJD65WxYFXDMJm/NQwtNzO8e4zcK52QBr6Y0MPXgrBHjiXsqmcOcujD6R37O/V810sfuZv3OI5/2xC03XqUJanL1MIJOLAHnKEY5lRmndFsjg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=OCijyX3d76qtYEFzpTV2WOBcICyVC78lpqYntxFiQOI=; b=mw5ljWsapOOkQRnuaibbUjjefJUe5/nQfNd1/ZecR3kLZtDk58BXhb0xlGuT1zFS9trfcONUt1X71lc/Li/ifzdscQxb03q1A3/RUb1LWWfgsO5V8RYeitLOvDASjNsiY2R9p1yE2oAkq7v25QnO/AbCQ/TfIdW9DJZY/eNQVThc1N66asKSMhQ7rxaSy9mT/aMbhepwqH2lAktWkIwjwGs90FLK+3ITCLN6hFSQ2Kqjhp+Eqaq8MByZZNfB7W5IvqcWAqdHKyaxH/SKfT1s3kDkdmiC1Qx9IB4BhTOhWjaBaa4pGsSE1yhfuEd+a+hxBQkBkmGIMT212K7JJ7W/Ag== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=OCijyX3d76qtYEFzpTV2WOBcICyVC78lpqYntxFiQOI=; b=YGk5J6YXE3njwDb5qY1R0j/H4mBoe6Uql11m+SREB13tyEvhDFRM7zxu2h7Ic/PluaXgfP8N07KFbHV3CRKtji+gRyV5diH2rdUIhmY693mF4U0W8UlwuN25IQhyGraeSSoVp1LGhIn8+WbxZ9m8uAVhqzPx+TfwAcGl1htxt8lh/vISTnA/5dBKNZztSFlqyv2c24rPdFldMO3Dk4h8S2vhKvzoayvI76XuZUWYq5LrJHRFEJ9JVCdinaS0SHt4E0okcTS37qjRtXD1t6/5AMtqSHmdWvSscJNfElWr8mcXo4aRr/Q/sHXDe91EcNcF3AmkQiPsxTXcpz+qonDHaw== Received: from AS8P250MB0744.EURP250.PROD.OUTLOOK.COM (2603:10a6:20b:541::14) by AS8P250MB0007.EURP250.PROD.OUTLOOK.COM (2603:10a6:20b:35a::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6907.33; Mon, 23 Oct 2023 15:19:17 +0000 Received: from AS8P250MB0744.EURP250.PROD.OUTLOOK.COM ([fe80::f59c:9cff:a42d:bde]) by AS8P250MB0744.EURP250.PROD.OUTLOOK.COM ([fe80::f59c:9cff:a42d:bde%3]) with mapi id 15.20.6907.030; Mon, 23 Oct 2023 15:19:17 +0000 From: Andreas Rheinhardt To: ffmpeg-devel@ffmpeg.org Date: Mon, 23 Oct 2023 17:20:28 +0200 Message-ID: X-Mailer: git-send-email 2.34.1 X-TMN: [gD3j+TEenvXoN4RjBCtUsCRQAw6zReHnJAPALGOR36Y=] X-ClientProxiedBy: ZR0P278CA0139.CHEP278.PROD.OUTLOOK.COM (2603:10a6:910:40::18) To AS8P250MB0744.EURP250.PROD.OUTLOOK.COM (2603:10a6:20b:541::14) X-Microsoft-Original-Message-ID: <20231023152028.1039170-1-andreas.rheinhardt@outlook.com> MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: AS8P250MB0744:EE_|AS8P250MB0007:EE_ X-MS-Office365-Filtering-Correlation-Id: 28dfb316-d395-49be-6f68-08dbd3db6c20 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 7OY3DFE/oQn20EbWBNJvrkofeutvKgE6iCviCnV5yVmjkDiLdXn6cIUxeRfFUZfBUTBSlwobrbBQ/dcJzM69WScDJYDNaKZm0KTuA1JfN+wH5ji+6jvEZuxEH/GRLCj/F0YHfWTR3kTZ3HjRfbPiaLFWKVlXzxPJA3OL0N5yfWSK3A0MkaCZ4IkfPekETzLh+pbRgH3NEtjlvpAW/LibtwvPrFhOOgGGvIRr9tbpr1wWVic1ToJCYu12VcGcNlpDT2XJjR6AWL4ZSQc6w/ECJkgBNTVgeJ/1K/F4Kr6V7bSB89XmVEMZhCQvSgoz2EeIsffRt27Yr7wgp7djXSwpCyWAGgnKOBz+lO/MFgiLf2kS5sm/LYFzsDGlEXsOW1Dn234ug7XshujVX/2ZNVTMRdlmMR/Rf0ewSqbKABzcCUKLyG6MXdS/GSjy+omvHMiaqz29ig52T7yynL/78p81sf7R9YDVgsIs0kjUjtTps5ctwJp60i0/7e31dECa2BNp+99M5VmkcQ4kxM6G3RI1P1CXjZ6MXDOfgdNzZD29MF3kIGIoZdJmCx25fjF6S34Jp9kah2ZR1AeXdLO55JkjQpFa2L6Y9lTpvEMxi4lxVfJKf2aNQXnzDaSmWOx3trDU X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?bt+yH6LVlQRcYHPkK0dsBB4DVuOyz2N1j6OY7GOY67xnippU1mKwpe9BHU4n?= =?us-ascii?Q?5IPHf+vHd/AY3a2fJLKsCc/0Q8nmCuWFUjFTmBbOFWco+NV7aoIL2ecezUpQ?= =?us-ascii?Q?6esx6lHg8JPOzmYU0OjFgw3F54Xvu7QeslnJMpOWcg0ol3jrLwU78Hqp8ONm?= =?us-ascii?Q?KeDoDvyw+AgGK6tIaORj1WmMkXjWmyR87P2MRIhA3EqhxQvfgvBMnHOqG1IF?= =?us-ascii?Q?poIz/DQgsUJgFV1WZCOi23k9lPzU2l6F9Q2E8NBxz3neE/wq2AG+bq3QPcZ/?= =?us-ascii?Q?ZAEhLhYiwAiRnGvurMDjjnLQYLa2LE3RImeJRfJ0D7sZHsiKmmCZDNYXmcXe?= =?us-ascii?Q?+jugNZW5wDC5lZDzytTHCbMzwHcXSwid+nWJ9B1caDQRfYy/oE21DlAD6QvH?= =?us-ascii?Q?VEUNegCntrbfgyh53z5ogetDfLnXNA4RFhNJFUs1jxEnIEYt3DBSJFRFgn/m?= =?us-ascii?Q?1RLfvYXdEQ3bhP9Rx87ni0BGq08iZDsSjKHpvwWi1F+FVyV1t0WEpDgpOWXh?= =?us-ascii?Q?mizsoqfCVB44pZ3BTHAQZyImVG0r0mTZR/5TvbDH1svZ7AVlGMI5OMP/N5RU?= =?us-ascii?Q?NUl4DlzpgjMODbezcvQBkjWK7zgdCdXfyk/E79h8WegdYznul8flS4VylSSn?= =?us-ascii?Q?/fKMpw3FojQZV0o4UnaJoknAzWxyIRlGSvlQQ3azjwBvSlSIh0UNtZW1/kwi?= =?us-ascii?Q?85uDVaRUwV9XuovtyG4yIKsjTChx85xCxx47n53eXZlRTgYMbppHj45pBg64?= =?us-ascii?Q?WjQ8UT8mBKt92kLP+w1KCTfxoz5j2jMvohfeFdb+ThtDlF2R0GPd14+hvbsW?= =?us-ascii?Q?4dMUH2xxsDpzFTt7OMoJmfOX8ij0zOXUeWOjoEIepuwpJ67PTUaiyy01z0Sm?= =?us-ascii?Q?/xBRRoiTV0We5Q4iC2MFfNt9iRY18u+hIX7+hwTAMuGzkUD6tT/IvkwCWnlY?= =?us-ascii?Q?ygihfle+j2J13M6dwEgIrGIP/rxVhWEgxK80Jaqn74CoGNQMxtXZTpKYQyZv?= =?us-ascii?Q?vAkkzli1E2Ii1oEjuil1PsBP0GKT/KRtlbU1JVBvdmJuPBoPkzi0U6ZMXKio?= =?us-ascii?Q?Ze++VeIQAb7VcbsLQM2N1BJHkcm0xtraH0GzjcEj637wMANiKb7Yiuq2q6Ej?= =?us-ascii?Q?fIWVMqYAD2lFz3TzfKF5uzV1IyBs9NlMKZgYmWsRI89U5tlch5sZhaiJu6cM?= =?us-ascii?Q?ORTYdQemwGxp5UMCppzDTiC+mwfzRXB16cNcLtaysFKnG4aC9xMUgPD0FT0K?= =?us-ascii?Q?2uo3i8bHa/ek1GF2pK/z?= X-OriginatorOrg: outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 28dfb316-d395-49be-6f68-08dbd3db6c20 X-MS-Exchange-CrossTenant-AuthSource: AS8P250MB0744.EURP250.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 23 Oct 2023 15:19:17.1451 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000 X-MS-Exchange-Transport-CrossTenantHeadersStamped: AS8P250MB0007 Subject: [FFmpeg-devel] [PATCH] avcodec/cbs_h2645: Fix leak of SPS VUI extension data X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Cc: Andreas Rheinhardt Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" Archived-At: List-Archive: List-Post: Fixes: VUI extension leak Fixes: 63004/clusterfuzz-testcase-minimized-ffmpeg_BSF_VVC_METADATA_fuzzer-4928832253329408 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Andreas Rheinhardt --- libavcodec/cbs_h2645.c | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/libavcodec/cbs_h2645.c b/libavcodec/cbs_h2645.c index 470f60b95f..c48a06b241 100644 --- a/libavcodec/cbs_h2645.c +++ b/libavcodec/cbs_h2645.c @@ -1989,7 +1989,17 @@ static const CodedBitstreamUnitTypeDescriptor cbs_h266_unit_types[] = { CBS_UNIT_TYPE_INTERNAL_REF(VVC_DCI_NUT, H266RawDCI, extension_data.data), CBS_UNIT_TYPE_INTERNAL_REF(VVC_OPI_NUT, H266RawOPI, extension_data.data), CBS_UNIT_TYPE_INTERNAL_REF(VVC_VPS_NUT, H266RawVPS, extension_data.data), - CBS_UNIT_TYPE_INTERNAL_REF(VVC_SPS_NUT, H266RawSPS, extension_data.data), + { + .nb_unit_types = 1, + .unit_type.list[0] = VVC_SPS_NUT, + .content_type = CBS_CONTENT_TYPE_INTERNAL_REFS, + .content_size = sizeof(H266RawSPS), + .type.ref = { + .nb_offsets = 2, + .offsets = { offsetof(H266RawSPS, extension_data.data), + offsetof(H266RawSPS, vui.extension_data.data) } + }, + }, CBS_UNIT_TYPE_INTERNAL_REF(VVC_PPS_NUT, H266RawPPS, extension_data.data), CBS_UNIT_TYPE_INTERNAL_REF(VVC_PREFIX_APS_NUT, H266RawAPS, extension_data.data), CBS_UNIT_TYPE_INTERNAL_REF(VVC_SUFFIX_APS_NUT, H266RawAPS, extension_data.data), -- 2.34.1 _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".