Commit 9c061ef5 authored by Yaowu Xu's avatar Yaowu Xu
Browse files

Properly validate data size

With "show_existing_frame" frames:
Minimum data size for profile 0 and 1 is 1 byte (8bits)
Minimum data size for profile 2 and 3 is 2 bytes (9bits)

Otherwise:
Minimum data size is 8 bytes.

This resolves the VP9 failure in fuzzing test build #56.

Change-Id: I146d9d37688f535dd68d24aacc76d464ccffdf04
parent 2fe1bfa5
......@@ -148,7 +148,11 @@ static vpx_codec_err_t decoder_peek_si_internal(const uint8_t *data,
if (frame_marker != VP9_FRAME_MARKER)
return VPX_CODEC_UNSUP_BITSTREAM;
if (profile >= MAX_PROFILES) return VPX_CODEC_UNSUP_BITSTREAM;
if (profile >= MAX_PROFILES)
return VPX_CODEC_UNSUP_BITSTREAM;
if ((profile >= 2 && data_sz <= 1) || data_sz < 1)
return VPX_CODEC_UNSUP_BITSTREAM;
if (vp9_rb_read_bit(&rb)) { // show an existing frame
vp9_rb_read_literal(&rb, 3); // Frame buffer to show.
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment