avcodec/wmaprodec: Check if the channel sum of all internal contexts match the external
authorMichael Niedermayer <michael@niedermayer.cc>
Tue, 12 Nov 2019 17:39:08 +0000 (18:39 +0100)
committerMichael Niedermayer <michael@niedermayer.cc>
Tue, 10 Dec 2019 15:09:14 +0000 (16:09 +0100)
Fixes: NULL pointer dereference
Fixes: 18689/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_XMA1_fuzzer-5715114640015360

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
libavcodec/wmaprodec.c

index 87e2ead..6a22e2f 100644 (file)
@@ -1930,6 +1930,8 @@ static av_cold int xma_decode_init(AVCodecContext *avctx)
         s->start_channel[i] = start_channels;
         start_channels += s->xma[i].nb_channels;
     }
+    if (start_channels != avctx->channels)
+        return AVERROR_INVALIDDATA;
 
     return ret;
 }