Skip to content
Permalink
Browse files Browse the repository at this point in the history
avcodec/ac3_parser: Check init_get_bits8() for failure
Fixes: null pointer dereference
Fixes: ffmpeg_crash_6.avi

Found-by: Thuan Pham, Marcel Böhme, Andrew Santosa and Alexandru Razvan Caciulescu with AFLSmart
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
  • Loading branch information
michaelni committed Jun 28, 2018
1 parent ed22dc2 commit 00e8181
Showing 1 changed file with 3 additions and 1 deletion.
4 changes: 3 additions & 1 deletion libavcodec/ac3_parser.c
Expand Up @@ -162,7 +162,9 @@ int avpriv_ac3_parse_header(AC3HeaderInfo **phdr, const uint8_t *buf,
return AVERROR(ENOMEM);
hdr = *phdr;

init_get_bits8(&gb, buf, size);
err = init_get_bits8(&gb, buf, size);
if (err < 0)
return AVERROR_INVALIDDATA;
err = ff_ac3_parse_header(&gb, hdr);
if (err < 0)
return AVERROR_INVALIDDATA;
Expand Down

1 comment on commit 00e8181

@thuanpv
Copy link

@thuanpv thuanpv commented on 00e8181 Jul 6, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is CVE-2018-13303

Please sign in to comment.