From: Kacper Michajlow
Date: Wed, 23 Jul 2025 17:51:35 +0200
To: FFmpeg development discussions and patches
Subject: Re: [FFmpeg-devel] [PATCH] avformat/asfdec_f: Check amount of value read
In-Reply-To: <20250723084332.3650349-1-michael@niedermayer.cc>

On Wed, 23 Jul 2025 at 10:43, Michael Niedermayer wrote:
>
> Fixes: use of uninitialized memory
> Fixes: 403675492/clusterfuzz-testcase-minimized-ffmpeg_dem_ASF_fuzzer-4754281823797248
>
> Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> Signed-off-by: Michael Niedermayer
> ---
> libavformat/asfdec_f.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
> > diff --git a/libavformat/asfdec_f.c b/libavformat/asfdec_f.c > index ea6e8ef4f3a..10f5dea57c3 100644 > --- a/libavformat/asfdec_f.c > +++ b/libavformat/asfdec_f.c > @@ -241,7 +241,9 @@ static void get_tag(AVFormatContext *s, const char *key, int type, int len, int > avio_get_str16le(s->pb, len, value, 2 * len + 1); > break; > case -1: // ASCI > - avio_read(s->pb, value, len); > + ;int ret = ffio_read_size(s->pb, value, len); stray ; > + if (ret < 0) > + goto finish; > value[len]=0; > break; > case ASF_BYTE_ARRAY: > -- > 2.49.0
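Review bot: the leading ';' in the added line ';int ret = ffio_read_size(s->pb, value, len);' under 'case -1:' reads as a typo. If it is an empty statement placed so that a declaration can follow the case label, make that explicit by wrapping the case body in braces ('case -1: { ... break; }') or by declaring ret before the switch; braces also keep ret out of the scope of the following cases such as ASF_BYTE_ARRAY. Separately, get_tag is declared 'static void' in the hunk header, so the negative ret that triggers 'goto finish' is dropped rather than reported; a log message on that path would make failed reads of ASCII values visible.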