aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--Android.bp4
-rw-r--r--Android.bp.in4
-rw-r--r--README.version1
-rw-r--r--libaom/av1/decoder/obu.c5
-rw-r--r--libaom/test/invalid_file_test.cc2
-rw-r--r--libaom/test/test-data.sha14
-rw-r--r--libaom/test/test_data_util.cmake4
-rw-r--r--libaom_blacklist.txt4
8 files changed, 28 insertions, 0 deletions
diff --git a/Android.bp b/Android.bp
index 523bb8c19..3a5ad26cc 100644
--- a/Android.bp
+++ b/Android.bp
@@ -507,6 +507,10 @@ cc_library_static {
},
+ sanitize: {
+ blacklist: "libaom_blacklist.txt",
+ },
+
}
cc_fuzz {
diff --git a/Android.bp.in b/Android.bp.in
index e5851db1e..3d9c5c673 100644
--- a/Android.bp.in
+++ b/Android.bp.in
@@ -106,6 +106,10 @@ cc_library_static {
},
+ sanitize: {
+ blacklist: "libaom_blacklist.txt",
+ },
+
}
cc_fuzz {
diff --git a/README.version b/README.version
index 23b6ba17a..95519e8c3 100644
--- a/README.version
+++ b/README.version
@@ -4,6 +4,7 @@ Local Modifications:
Rename files to avoid object collisions:
aom_dsp/x86/highbd_intrapred_sse2.asm
aom_dsp/x86/intrapred_sse2.asm
+ 7ad847ac6 Seq header shouldn't change in the middle of frame
Updates to libaom/examples/av1_dec_fuzzer.cc to include the following commits from upstream
139efd2c8 av1_dec_fuzzer: get thread count from 1st byte of frame header
adfc4b7f8 av1_dec_fuzzer: Remove fmemopen dependency
diff --git a/libaom/av1/decoder/obu.c b/libaom/av1/decoder/obu.c
index aaea57270..ac66df56e 100644
--- a/libaom/av1/decoder/obu.c
+++ b/libaom/av1/decoder/obu.c
@@ -760,6 +760,11 @@ int aom_decode_frame_from_obus(struct AV1Decoder *pbi, const uint8_t *data,
case OBU_SEQUENCE_HEADER:
decoded_payload_size = read_sequence_header_obu(pbi, &rb);
if (cm->error.error_code != AOM_CODEC_OK) return -1;
+ // The sequence header should not change in the middle of a frame.
+ if (pbi->sequence_header_changed && pbi->seen_frame_header) {
+ cm->error.error_code = AOM_CODEC_CORRUPT_FRAME;
+ return -1;
+ }
break;
case OBU_FRAME_HEADER:
case OBU_REDUNDANT_FRAME_HEADER:
diff --git a/libaom/test/invalid_file_test.cc b/libaom/test/invalid_file_test.cc
index 0478c7e5e..2a1c9a975 100644
--- a/libaom/test/invalid_file_test.cc
+++ b/libaom/test/invalid_file_test.cc
@@ -114,6 +114,8 @@ TEST_P(InvalidFileTest, ReturnCode) { RunTest(); }
const DecodeParam kAV1InvalidFileTests[] = {
{ 1, "invalid-bug-1814.ivf" },
{ 1, "invalid-chromium-906381.ivf" },
+ { 1, "invalid-google-142530197.ivf" },
+ { 1, "invalid-google-142530197-1.ivf" },
{ 1, "invalid-oss-fuzz-9288.ivf" },
{ 4, "invalid-oss-fuzz-9463.ivf" },
{ 1, "invalid-oss-fuzz-9482.ivf" },
diff --git a/libaom/test/test-data.sha1 b/libaom/test/test-data.sha1
index bd6320634..91487e4ba 100644
--- a/libaom/test/test-data.sha1
+++ b/libaom/test/test-data.sha1
@@ -4,6 +4,10 @@ b87815bf86020c592ccc7a846ba2e28ec8043902 *hantro_odd.yuv
d3964f9dad9f60363c81b688324d95b4ec7c8038 *invalid-bug-1814.ivf.res
09aa07e5325b3bb5462182eb30b8ecc914630740 *invalid-chromium-906381.ivf
09d2af8dd22201dd8d48e5dcfcaed281ff9422c7 *invalid-chromium-906381.ivf.res
+f7c83c14aa35b928ba8b70f3eaa3b92070be4519 *invalid-google-142530197-1.ivf
+d3964f9dad9f60363c81b688324d95b4ec7c8038 *invalid-google-142530197-1.ivf.res
+703c05720d5d67053bcee44987635cd78af2f971 *invalid-google-142530197.ivf
+d3964f9dad9f60363c81b688324d95b4ec7c8038 *invalid-google-142530197.ivf.res
fa06784f23751d8c37be94160fb821e855199af4 *invalid-oss-fuzz-10061.ivf
b055f06b9a95aaa5697fa26497b592a47843a7c8 *invalid-oss-fuzz-10061.ivf.res
c9e06c4c7fb7d69fd635a1f606a5e478d60e99cf *invalid-oss-fuzz-10117-mc-buf-use-highbd.ivf
diff --git a/libaom/test/test_data_util.cmake b/libaom/test/test_data_util.cmake
index c3c86aa77..69703d6c1 100644
--- a/libaom/test/test_data_util.cmake
+++ b/libaom/test/test_data_util.cmake
@@ -516,6 +516,10 @@ if(CONFIG_AV1_DECODER)
"invalid-bug-1814.ivf.res"
"invalid-chromium-906381.ivf"
"invalid-chromium-906381.ivf.res"
+ "invalid-google-142530197-1.ivf"
+ "invalid-google-142530197-1.ivf.res"
+ "invalid-google-142530197.ivf"
+ "invalid-google-142530197.ivf.res"
"invalid-oss-fuzz-10061.ivf"
"invalid-oss-fuzz-10061.ivf.res"
"invalid-oss-fuzz-10117-mc-buf-use-highbd.ivf"
diff --git a/libaom_blacklist.txt b/libaom_blacklist.txt
new file mode 100644
index 000000000..07b390430
--- /dev/null
+++ b/libaom_blacklist.txt
@@ -0,0 +1,4 @@
+[cfi]
+# libaom/av1/common/reconintra.c: indirect call to assembly code on x86/x86_64 platform
+fun:dr_predictor
+fun:build_intra_predictors
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-10 18:40:00 +0000