avcodec/hq_hqa: Check remaining input bits in hqa_decode_mb()

Fixes: Timeout Fixes: 9634/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HQ_HQA_fuzzer-6267852259590144 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>

avcodec/hq_hqa: Check remaining input bits in hqa_decode_mb()
Fixes: Timeout Fixes: 9634/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HQ_HQA_fuzzer-6267852259590144 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>
c9222b97 · Michael Niedermayer · 1cbac9ce · c9222b97
Commit c9222b97 authored Aug 20, 2018 by Michael Niedermayer
Hide whitespace changes
Inline Side-by-side

Showing with 3 additions and 0 deletions

hq_hqa.c libavcodec/hq_hqa.c +3 -0

No files found.
--- a/libavcodec/hq_hqa.c
+++ b/libavcodec/hq_hqa.c
@@ -181,6 +181,9 @@ static int hqa_decode_mb(HQContext *c, AVFrame *pic, int qgroup,
    int flag = 0;
    int i, ret, cbp;
+    if (get_bits_left(gb) < 1)
+        return AVERROR_INVALIDDATA;
    cbp = get_vlc2(gb, c->hqa_cbp_vlc.table, 5, 1);
    for (i = 0; i < 12; i++)