avcodec/mlpdec: Do not leave a invalid num_primitive_matrices in the context
authorMichael Niedermayer <michael@niedermayer.cc>
Fri, 19 May 2017 23:23:01 +0000 (01:23 +0200)
committerMichael Niedermayer <michael@niedermayer.cc>
Fri, 19 May 2017 23:24:11 +0000 (01:24 +0200)
Fixes: runtime error: index 8 out of bounds for type 'uint8_t [8]'
Fixes: 1699/clusterfuzz-testcase-minimized-6327177438035968

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
libavcodec/mlpdec.c

index 5426712..eac19a0 100644 (file)
@@ -729,6 +729,7 @@ static int read_matrix_params(MLPDecodeContext *m, unsigned int substr, GetBitCo
         av_log(m->avctx, AV_LOG_ERROR,
                "Number of primitive matrices cannot be greater than %d.\n",
                max_primitive_matrices);
+        s->num_primitive_matrices = 0;
         return AVERROR_INVALIDDATA;
     }