Skip to content
  • Jingning Han's avatar
    Fix out of boundary memory read in fuzz test on vpxdec · 1ba18717
    Jingning Han authored
    This commit fixes frame header decoding for superframe index, to
    prevent out of boundary memory read triggered by fuzz test
    vector. It resolves a chromium security violation issue
    crbug.com/376802.
    
    The issue was introduced in the change:
    
    Add VPXD_SET_DECRYPTOR support to the VP9 decoder.
    cl-id I88f86c8ff9af34e0b6531028b691921b54c2fc48
    
    where the buffer was read before validation check on index offset
    applied.
    
    A test vector is added accordingly.
    
    Change-Id: I41c988e776bbdd1033312a668e03a3dbcf44ca99
    1ba18717