OSDN Git Service
(root)
/
android-x86
/
external-ffmpeg.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
ac0e03b
)
h264_cavlc: check the size of the intra PCM data.
author
Anton Khirnov
<anton@khirnov.net>
Fri, 15 Nov 2013 08:42:26 +0000
(09:42 +0100)
committer
Anton Khirnov
<anton@khirnov.net>
Thu, 21 Nov 2013 19:52:34 +0000
(20:52 +0100)
Fixes invalid reads.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC:libav-stable@libav.org
libavcodec/h264_cavlc.c
patch
|
blob
|
history
diff --git
a/libavcodec/h264_cavlc.c
b/libavcodec/h264_cavlc.c
index
5ed1d5d
..
d3f6dcb
100644
(file)
--- a/
libavcodec/h264_cavlc.c
+++ b/
libavcodec/h264_cavlc.c
@@
-765,6
+765,10
@@
decode_intra_mb:
// We assume these blocks are very rare so we do not optimize it.
h->intra_pcm_ptr = align_get_bits(&h->gb);
+ if (get_bits_left(&h->gb) < mb_size) {
+ av_log(h->avctx, AV_LOG_ERROR, "Not enough data for an intra PCM block.\n");
+ return AVERROR_INVALIDDATA;
+ }
skip_bits_long(&h->gb, mb_size);
// In deblocking, the quantizer is 0
OSDN Git Service
